urlscan.io logo urlscan.io
SecurityTrails logo

www.sanook.com Open in urlscan Pro
61.91.93.41  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sanook.com/
Effective URL: https://www.sanook.com/
Submission Tags: falconsandbox
Submission: On May 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 89 IPs in 14 countries across 81 domains to perform 327 HTTP transactions. The main IP is 61.91.93.41, located in Bangkok, Thailand and belongs to TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH. The main domain is www.sanook.com. The Cisco Umbrella rank of the primary domain is 69118.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 7th 2022. Valid for: a year.
This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 203.151.133.2 4618 (INET-TH-A...)
1 6 61.91.93.41 7470 (TRUEINTER...)
79 43.152.28.33 139341 (ACE-AS-AP...)
1 2a02:2638:d::2 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 203.154.58.217 4618 (INET-TH-A...)
4 61.91.94.165 7470 (TRUEINTER...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
5 2.18.233.180 16625 (AKAMAI-AS)
1 61.91.93.46 7470 (TRUEINTER...)
1 4 2a02:2638:3::c 44788 (ASN-CRITE...)
2 8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
2 13.32.99.105 16509 (AMAZON-02)
3 23.215.19.214 16625 (AKAMAI-AS)
1 178.250.1.11 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 119.81.216.16 36351 (SOFTLAYER)
17 2a00:1450:400... 15169 (GOOGLE)
5 185.64.189.112 62713 (AS-PUBMATIC)
6 2a02:2638:3::7 44788 (ASN-CRITE...)
13 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 4 185.64.190.78 62713 (AS-PUBMATIC)
1 1 185.29.132.241 30419 (MEDIAMATH...)
15 185.64.191.210 62713 (AS-PUBMATIC)
1 1 193.0.160.130 54312 (ROCKETFUEL)
8 185.64.190.80 62713 (AS-PUBMATIC)
1 1 178.250.1.9 44788 (ASN-CRITE...)
2 2 213.155.156.183 1299 (TWELVE99 ...)
3 6 185.89.210.20 29990 (ASN-APPNEX)
2 4 52.94.222.140 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
5 5 54.220.255.219 16509 (AMAZON-02)
9 11 142.250.186.66 15169 (GOOGLE)
1 1 185.86.139.93 201081 (SMARTADSE...)
1 1 198.148.27.139 19189 (PULSEPOINT)
2 2 151.101.130.49 54113 (FASTLY)
1 2 63.33.105.75 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 3.215.146.42 14618 (AMAZON-AES)
3 4 37.157.2.229 198622 (ADFORM)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
5 15.197.193.217 16509 (AMAZON-02)
2 2 3.71.149.231 16509 (AMAZON-02)
3 198.47.127.20 62713 (AS-PUBMATIC)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
3 3 3.120.144.155 16509 (AMAZON-02)
2 2 3.121.249.106 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 98.98.134.242 21859 (ZEN-ECN)
2 2.18.232.7 16625 (AKAMAI-AS)
1 77.245.57.78 36057 (WEBAIR-IN...)
1 2602:803:c004... 26667 (RUBICONPR...)
2 35.244.159.8 15169 (GOOGLE)
1 104.18.24.185 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 23.37.63.179 16625 (AKAMAI-AS)
1 104.18.11.47 13335 (CLOUDFLAR...)
1 23.32.184.180 16625 (AKAMAI-AS)
1 23 2a00:1450:400... 15169 (GOOGLE)
2 7 185.80.39.216 27381 (CASALE-MEDIA)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 209.54.182.161 16509 (AMAZON-02)
3 3 46.228.164.11 56396 (AMOBEE)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 104.18.10.47 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 4 69.173.144.139 26667 (RUBICONPR...)
3 5 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 13.228.87.248 16509 (AMAZON-02)
3 52.222.208.154 16509 (AMAZON-02)
2 35.171.236.105 14618 (AMAZON-AES)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.107.231.31 396982 (GOOGLE-CL...)
3 162.19.138.119 16276 (OVH)
1 108.128.51.215 16509 (AMAZON-02)
5 185.64.190.82 62713 (AS-PUBMATIC)
2 162.19.138.83 16276 (OVH)
1 151.101.194.137 54113 (FASTLY)
1 1 54.156.183.173 14618 (AMAZON-AES)
1 64.95.96.108 32475 (SINGLEHOP...)
1 35.186.193.173 15169 (GOOGLE)
1 1 35.214.153.92 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 141.94.161.158 16276 (OVH)
2 2 141.94.171.216 16276 (OVH)
1 1 52.220.229.2 16509 (AMAZON-02)
4 4 213.19.147.44 3356 (LEVEL3)
1 162.55.120.196 24940 (HETZNER-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 141.94.171.215 16276 (OVH)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 185.89.211.12 29990 (ASN-APPNEX)
1 1 164.92.213.94 14061 (DIGITALOC...)
1 162.247.243.29 54113 (FASTLY)
327 89
1    203.151.133.2 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 2.134.151.203.sta.inet.co.th
sanook.com
6    61.91.93.41 (Bangkok, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-41.static.asianet.co.th
www.sanook.com
graph.sanook.com
79    43.152.28.33 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)
s.isanook.com
p3.isanook.com
1    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    203.154.58.217 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-58-217.northern.inet.co.th
lvs2.truehits.in.th
4    61.91.94.165 (Bangkok, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-165.static.asianet.co.th
sal.isanook.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
3    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    61.91.93.46 (Bangkok, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-46.static.asianet.co.th
sloth-api.sanook.com
4    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
8    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
3    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    23.215.19.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-19-214.deploy.static.akamaitechnologies.com
avd.innity.net
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    119.81.216.16 (Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 10.d8.5177.ip4.static.sl-reverse.com
avd.innity.com
17    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
13    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
3    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
e2c8d9bc0e74cc2f08f71b7a455426b3.safeframe.googlesyndication.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
15    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
8    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.183 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
6    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
5    54.220.255.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-255-219.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
11    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    63.33.105.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-105-75.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    3.215.146.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-146-42.compute-1.amazonaws.com
a.audrte.com
4    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
5    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    2a05:d018:d29:3601:ffc9:867:3ede:5e54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    3.120.144.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-144-155.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.121.249.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-249-106.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
1    77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
rtb-eu.andbeyond.media
1    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
tencentth-d.openx.net
u.openx.net
1    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
10    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    23.37.63.179 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-63-179.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
23    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
7    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2a05:d018:cc3:fe04:65fe:ad5d:6046:af21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
5    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    13.228.87.248 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-87-248.ap-southeast-1.compute.amazonaws.com
prebid.andbeyond.media
3    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    35.171.236.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-236-105.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
3    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    108.128.51.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-51-215.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
5    185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
2    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    54.156.183.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-183-173.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    141.94.161.158 (France)

ASN16276 (OVH, FR)
PTR: bixel-1.cloudy.ovh
green.erne.co
2    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel-eu.onaudience.com
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
4    213.19.147.44 (Castricum, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.121 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    164.92.213.94 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
83 isanook.com
s.isanook.com — Cisco Umbrella Rank: 47302
p3.isanook.com — Cisco Umbrella Rank: 148656
sal.isanook.com — Cisco Umbrella Rank: 130186
1 MB
45 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 514
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 506
image6.pubmatic.com — Cisco Umbrella Rank: 746
simage2.pubmatic.com — Cisco Umbrella Rank: 707
image2.pubmatic.com — Cisco Umbrella Rank: 958
image4.pubmatic.com — Cisco Umbrella Rank: 1104
t.pubmatic.com — Cisco Umbrella Rank: 3357
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
281 KB
33 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
432 KB
31 googlesyndication.com
978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
e2c8d9bc0e74cc2f08f71b7a455426b3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
231 KB
23 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 4217
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2017
adservice.google.com — Cisco Umbrella Rank: 83
59 KB
12 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 491
eus.rubiconproject.com — Cisco Umbrella Rank: 589
token.rubiconproject.com — Cisco Umbrella Rank: 600
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
14 KB
12 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 429
mug.criteo.com — Cisco Umbrella Rank: 2429
bidder.criteo.com — Cisco Umbrella Rank: 733
dis.criteo.com — Cisco Umbrella Rank: 674
10 KB
10 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1052
s.amazon-adsystem.com — Cisco Umbrella Rank: 293
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
66 KB
8 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 525
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
dsum.casalemedia.com — Cisco Umbrella Rank: 1344
7 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
acdn.adnxs.com — Cisco Umbrella Rank: 611
secure.adnxs.com — Cisco Umbrella Rank: 440
24 KB
8 sanook.com
sanook.com — Cisco Umbrella Rank: 59105
www.sanook.com — Cisco Umbrella Rank: 69118
graph.sanook.com — Cisco Umbrella Rank: 159351
sloth-api.sanook.com — Cisco Umbrella Rank: 196314
dc.sanook.com Failed
39 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 375
110 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
1 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 559
3 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5171
adservice.google.de — Cisco Umbrella Rank: 7680
1 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1008
id5-sync.com — Cisco Umbrella Rank: 444
19 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 301
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448
2 KB
4 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3177
c1.adform.net — Cisco Umbrella Rank: 585
3 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2202
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
183 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
2 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 18631
pixel.onaudience.com — Cisco Umbrella Rank: 3145
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 949
1 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 324
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 30569
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 33813
898 B
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 875
id.crwdcntrl.net — Cisco Umbrella Rank: 2607
942 B
3 innity.com
avd.innity.com — Cisco Umbrella Rank: 30477
2 KB
3 innity.net
avd.innity.net — Cisco Umbrella Rank: 42304
13 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
21 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1262
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 817
s.tribalfusion.com — Cisco Umbrella Rank: 2073
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1065
802 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 726
454 B
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
30 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 385
fonts.googleapis.com — Cisco Umbrella Rank: 50
31 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 671
cdn.indexww.com — Cisco Umbrella Rank: 1563
2 KB
2 openx.net
tencentth-d.openx.net — Cisco Umbrella Rank: 189473
u.openx.net — Cisco Umbrella Rank: 683
468 B
2 andbeyond.media
rtb-eu.andbeyond.media — Cisco Umbrella Rank: 168038
prebid.andbeyond.media — Cisco Umbrella Rank: 21475
709 B
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1435
778 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1106
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 792
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 682
762 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5492
562 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 164
3 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
233 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
114 KB
2 truehits.in.th
lvs2.truehits.in.th — Cisco Umbrella Rank: 108804
9 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
151 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 266
423 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2301
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4136
463 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2977
382 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6915
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1173
527 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2961
643 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 23553
412 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2462
308 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6168
279 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1003
225 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5818
369 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1397
283 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 700
944 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 449
9 KB
1 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 21933
4 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 775
30 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
651 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11978
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1308
181 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 668
187 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3491
104 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 573
705 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 607
700 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1581
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 740
589 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 806
793 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 505
736 B
1 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 16851
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 179
2 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1019
47 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 664
40 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
327 81
Domain Requested by
74 s.isanook.com www.sanook.com
18 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
tpc.googlesyndication.com
978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
www.sanook.com
cdn.ampproject.org
17 securepubads.g.doubleclick.net www.googletagservices.com
www.sanook.com
securepubads.g.doubleclick.net
15 simage2.pubmatic.com ads.pubmatic.com
www.sanook.com
13 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
www.sanook.com
11 cm.g.doubleclick.net 9 redirects www.sanook.com
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.sanook.com
tpc.googlesyndication.com
www.googletagservices.com
8 image2.pubmatic.com ads.pubmatic.com
www.sanook.com
8 www.google.com 2 redirects www.sanook.com
tpc.googlesyndication.com
978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
6 ib.adnxs.com 3 redirects www.sanook.com
acdn.adnxs.com
6 bidder.criteo.com www.sanook.com
static.criteo.net
5 t.pubmatic.com www.sanook.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 pixel.rubiconproject.com 3 redirects www.sanook.com
5 match.adsrvr.org www.sanook.com
ssum-sec.casalemedia.com
5 match.prod.bidr.io 5 redirects
5 hbopenbid.pubmatic.com www.sanook.com
5 ads.pubmatic.com s.isanook.com
www.sanook.com
ads.pubmatic.com
5 p3.isanook.com www.sanook.com
s.isanook.com
p3.isanook.com
4 token.rubiconproject.com 4 redirects
4 a.audrte.com 3 redirects www.sanook.com
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
www.sanook.com
4 image6.pubmatic.com 2 redirects ads.pubmatic.com
4 www.googletagservices.com s.isanook.com
securepubads.g.doubleclick.net
978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
4 www.google.de www.sanook.com
4 gum.criteo.com 1 redirects static.criteo.net
www.sanook.com
4 graph.sanook.com s.isanook.com
4 sal.isanook.com www.sanook.com
3 sync.1rx.io 3 redirects
3 id5-sync.com www.sanook.com
3 c.amazon-adsystem.com www.sanook.com
3 ad.turn.com 3 redirects
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
www.sanook.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 x.bidswitch.net 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 avd.innity.com avd.innity.net
www.sanook.com
3 avd.innity.net p3.isanook.com
avd.innity.net
www.sanook.com
3 www.google-analytics.com www.googletagmanager.com
www.sanook.com
3 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.sanook.com
2 uipglob.semasio.net 1 redirects
2 pixel-eu.onaudience.com 2 redirects
2 lb.eu-1-id5-sync.com www.sanook.com
2 simage4.pubmatic.com ads.pubmatic.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev www.sanook.com
2 eus.rubiconproject.com ads.pubmatic.com
eus.rubiconproject.com
2 a.teads.tv www.sanook.com
2 rtb.mfadsrvr.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects www.sanook.com
2 ups.analytics.yahoo.com 2 redirects
2 um.simpli.fi 1 redirects www.sanook.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects www.sanook.com
2 sync-tm.everesttech.net 2 redirects
2 d5p.de17a.com 2 redirects
2 978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.sanook.com
2 sb.scorecardresearch.com p3.isanook.com
www.sanook.com
2 www.facebook.com www.sanook.com
2 connect.facebook.net www.sanook.com
connect.facebook.net
2 lvs2.truehits.in.th www.sanook.com
2 www.googletagmanager.com www.sanook.com
www.googleoptimize.com
2 www.sanook.com 1 redirects
1 bam.nr-data.net js-agent.newrelic.com
1 match.adsby.bidtheatre.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com
1 matching.truffle.bid ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 green.erne.co 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 js-agent.newrelic.com www.sanook.com
1 id.crwdcntrl.net www.sanook.com
1 p.adlooxtracking.com www.sanook.com
1 cdn.id5-sync.com www.sanook.com
1 prebid.andbeyond.media www.sanook.com
1 code.jquery.com www.sanook.com
1 fonts.gstatic.com fonts.googleapis.com
1 px.ads.linkedin.com www.sanook.com
1 www.gstatic.com 978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
1 fonts.googleapis.com 978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 acdn.adnxs.com ads.pubmatic.com
1 js-sec.indexww.com ads.pubmatic.com
1 e2c8d9bc0e74cc2f08f71b7a455426b3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 u.openx.net ads.pubmatic.com
1 htlb.casalemedia.com www.sanook.com
1 tencentth-d.openx.net www.sanook.com
1 fastlane.rubiconproject.com www.sanook.com
1 rtb-eu.andbeyond.media www.sanook.com
1 pixel-sync.sitescout.com www.sanook.com
1 pubmatic-match.dotomi.com www.sanook.com
1 image4.pubmatic.com www.sanook.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr www.sanook.com
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync.mathtag.com 1 redirects
1 region1.analytics.google.com www.googletagmanager.com
1 mug.criteo.com www.sanook.com
1 cdn.izooto.com s.isanook.com
1 sloth-api.sanook.com www.sanook.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 static.criteo.net www.sanook.com
1 sanook.com 1 redirects
0 dc.sanook.com Failed
0 api.rlcdn.com Failed www.sanook.com
327 129
Subject Issuer Validity Valid
*.sanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-07 -
2023-07-08		 a year crt.sh
*.isanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-04 -
2023-10-19		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
lvs2.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2023-01-29 -
2024-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-20 -
2023-05-21		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-14 -
2024-05-13		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-28		 a year crt.sh
*.innity.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-24 -
2024-02-26		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-08 -
2023-12-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2023-02-14 -
2024-03-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2023-03-25 -
2023-06-23		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
truffle.bid
R3		 2023-03-15 -
2023-06-13		 3 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh

This page contains 46 frames:

Primary Page: https://www.sanook.com/
Frame ID: 7A6124A9CDC4D9B27EF6DC1285512D0B
Requests: 186 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 023FE86B2FE619CD011B347C3C389C82
Requests: 1 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: E864C76D72A9E055DF926AA12B15FF2B
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: 55108EE036FABC2EE827AE3778CEF2A9
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: D53AEDB60C3D8050675FA56CCF93E97B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 5FBAC27488475915886C5C5269E53F60
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 3243D6AB22E8FEC2A4C6FA7B3FD61633
Requests: 9 HTTP requests in this frame

Frame: https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 98CFDE1BFA50F9899122F23B0D6223C1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstguJS3PW-39HdSJQaaZPi7yImYlKR_ngkwgGY0zf7ZZ-_RDt2azN_sa2DgT0ichiI2r2dOBUu8MulMp-0oJPCptRm9WqFE5c_-9xcmsc2PNDHwdJjLfpzFQBovzC8ZIz3OxBgTGF1sstes61YYqyuk_kRHvg4vRbpRJ1mjYWGhtHW1td0XxZsGY6yeyOqlSGCFBNHhtBjwzwbXUeEwTYhV7JC87acvMblxMQYNAB7bZZLwqoaKeHUpu8tAKU0oiNZ8pbWPudiiUzk-0hEF-GKfhzKH5kts-JzJyLOqphw3_SEbYGygo6Bk_WkLOJmOmiwiKzY9JZCfTlIfmlCDArmS4Lm_exT-CFY_4Y0j7A&sai=AMfl-YQnZsawBm2tVIlQgxE1KAk-Y4NMTU0oF9GxyeYzVuY8uKuwlW0HKUAO2Xs-D_L8jIJ4xjGqGSfF9F3HaD6y4ZqYW1m_URCEWk8W2-M9sTLhsjUf8Pm3MSt2aePrRg&sig=Cg0ArKJSzFhnSUYdLAiAEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 849B5F67CCCA5A752F9165E7EC626FDC
Requests: 12 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ebe16460-e782-4500-a0a6-1dc52db12729&gdpr=0&gdpr_consent=
Frame ID: 2064E8350FA095F037A8E1BA8275126F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336723200229105
Frame ID: 6769F674815F733285C0D443B45322BD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: AD11E1BF229EEA57B1D6FB7E7B627CAC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7195103447793568274
Frame ID: F6BE0C3AF93731BD908ED26A1A6B951E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4551528029839449851&gdpr=0&gdpr_consent=
Frame ID: FDC122E40D25DFC5932579DC69F8CEEF
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 1C9A2DD34BA570AC696735B135B30D2A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-RkDcKoaDXLiHgYh9hsYcawaDXHiTwwk90g3C_dz
Frame ID: 71753C126E6BEB199F7BAAFE9D59EADC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7233035547097102484&gdpr=0&gdpr_consent=
Frame ID: 27ADF2EB59B9466E36E17A8EE21B586C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGcT07Iwc8AACD0owc2NQ&gdpr=0&gdpr_consent=
Frame ID: 3943869CFC4225EE9FBBDEB7842A37A9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZGDnggAJ_HswGQAn&gdpr=1&gdpr_consent=&_test=ZGDnggAJ_HswGQAn
Frame ID: 4CC70E730A2973241DFE5F333CA6720E
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: DFC1E792649F015A3619B57EAADCE4C6
Requests: 1 HTTP requests in this frame

Frame: https://e2c8d9bc0e74cc2f08f71b7a455426b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 807B9C017A4D978FD3F93CA4C5FEE8CC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C50E39BAD96CCC1A137920528C084BD3
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4253B1ADE7C33207E7D0F9A97C25F9E6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C8BCB3822FF415C29515E88B33E49ACE
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 3F5A830AFB445E9FCEB0327A9A4006FA
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMfD0q_aZ_sFtQBVdsaeTh8nlIDAXlvhv65fKxMzDaiLX8_uIjKgXH1BwNl2VmWUZs5hUC35ZcqBZ0LAsshmzpWP4LPj3v8rNIbNOdnH-GoaKJCm9_Ay3VBWOnmol81A9ysyv9v3h2HiJsbAmDmOFJIs0IAMiX9WQTi3CTCRjiCoOm2cAnMP2chYa5Me35M4JaZW74Eqy4Xj5Wmn3FpNouKgV2yffXH9U10itU92OH0MS9Vna44swvYPnZxeAa9527tFDKK1X2fjs7TbkZBhaCu3U4nrHBce5AOFXWsTnaelms7XPRPfmLLW5WTTTWi7oUmtQUueRdpQ&sai=AMfl-YQ-YTPF_TN3t51o3-C2i8jeBQOjmhS3gEwy4q2d3d02NW-9jvaiXRZvtvBcGjkdX1mtWHzGWVhj_mSdEoBdfZbryyIMUFkuz-j3aQpWx3worTju0xGgb6YY56RuP5g&sig=Cg0ArKJSzGhXn8WH2C1oEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BF5CE16DF5392AE998040DE7F08A0AB8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0F2D7C686B6C34CC4276AD8EBCB15E66
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 58F45988B947EA372FCA645D4DD12092
Requests: 2 HTTP requests in this frame

Frame: https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 21FE24F95F17FF63C2684C34379DA38B
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: 66B2B31905817682533A11E21137704A
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
Frame ID: AC9ED3A755C547423F6233BE2374E179
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A0AE58EDDF527DF4DE438D77C92574A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4E2BA37A97C474FC81B8AAC323CC058C
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&gdpr=0&gdpr_consent=
Frame ID: DEF10114716FD0A597FFFF5FBDC95C8D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HdRmrrutWZ5sztA1d4BNLlD_Csc&gdpr=0&gdpr_consent=
Frame ID: 30CC8A4587E115C30B5B4373D3FD37E2
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 6110B32573C0BDD90041B396BD0A45A8
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 0A6D55B70F752323EFFF19BECB965562
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: D3602B9480AC44A4BA293715343F18D5
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 8559307EE255140B30DDE2C2953CE25A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 079B8DC4DECB3CFFE8C98A5EF958271A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&gdpr=0&gdpr_consent=
Frame ID: DF11E87C3C1BB5750A0B1C379DB5BDB4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVSjXXnUnhQTQShbT&gdpr=0&gdpr_consent=
Frame ID: 9D5F682282C1EC6E310D65DA3CE758C8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=dpr108v17znp
Frame ID: 7DC3CCDA349654991C7854B0D7F4203F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a34f3279-45dd-464c-b825-f3016de0e65f-003
Frame ID: F3C4E0475457E6079EE97D96D50C090A
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: A7E812C7BFA60FE377D81136470EC579
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:122A398EB59E41789AAE032E0A7F286A&gdpr=0&gdpr_consent=
Frame ID: CC13DEA014B0DA9ADDD2699DBDF00BC9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

sanook.com รวมข่าว ดูดวง หวย ผลบอล เพลง Joox เกม

Page URL History Show full URLs

  1. http://sanook.com/ HTTP 301
    http://www.sanook.com/ HTTP 302
    https://www.sanook.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

327
Requests

90 %
HTTPS

32 %
IPv6

81
Domains

129
Subdomains

89
IPs

14
Countries

3423 kB
Transfer

10981 kB
Size

120
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sanook.com/ HTTP 301
    http://www.sanook.com/ HTTP 302
    https://www.sanook.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=139786315&cv=11&fst=1684072320410&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=375541212.1684072320&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=gedgZN6FAZrI7_UP9OGsuAM&sscte=1&crd=&eitems=ChEI8I2CowYQ772jjZzHiIOQARIdAJupAyqqBcBpa0Q9t98CIjJbmgVio1Oi3GZEBFU&pscrd=EkxDaEFJOEkyQ293WVFnYVdvMHRqdTVMMEdFaVVBNjlqUmNIeTB3cFRURXlxV2pqYTZXWTNVUEZ6bk9oaEVkNzA5Q2JMRTg5QUpsUnJnGlhDaEVJOEkyQ293WVFfTmVnM3JuYW9xdWxBUkl0QUh5cy1NLTY5V0QwN2htSzBJRVdtd3N1cXdPbW5WOC12X0RNSTNWNi03XzBfSExNZW9BbUtuYjVkbWZT HTTP 302
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=139786315&cv=11&fst=1684072320410&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=375541212.1684072320&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEkyQ293WVFnYVdvMHRqdTVMMEdFaVVBNjlqUmNIeTB3cFRURXlxV2pqYTZXWTNVUEZ6bk9oaEVkNzA5Q2JMRTg5QUpsUnJnGlhDaEVJOEkyQ293WVFfTmVnM3JuYW9xdWxBUkl0QUh5cy1NLTY5V0QwN2htSzBJRVdtd3N1cXdPbW5WOC12X0RNSTNWNi03XzBfSExNZW9BbUtuYjVkbWZT&is_vtc=1&ocp_id=gedgZN6FAZrI7_UP9OGsuAM&cid=CAQSKQBygQiDG_m2lhO7HwALRyLnymg2j2vUtYU_MXb4xdds4SLaA2lJQPbk&eitems=ChEI8I2CowYQ772jjZzHiIOQARIdAJupAypKNgxMewjlDcQmY-it-gmXUxhl3mDlM2Y&random=2539240228 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=139786315&cv=11&fst=1684072320410&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=375541212.1684072320&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEkyQ293WVFnYVdvMHRqdTVMMEdFaVVBNjlqUmNIeTB3cFRURXlxV2pqYTZXWTNVUEZ6bk9oaEVkNzA5Q2JMRTg5QUpsUnJnGlhDaEVJOEkyQ293WVFfTmVnM3JuYW9xdWxBUkl0QUh5cy1NLTY5V0QwN2htSzBJRVdtd3N1cXdPbW5WOC12X0RNSTNWNi03XzBfSExNZW9BbUtuYjVkbWZT&is_vtc=1&ocp_id=gedgZN6FAZrI7_UP9OGsuAM&cid=CAQSKQBygQiDG_m2lhO7HwALRyLnymg2j2vUtYU_MXb4xdds4SLaA2lJQPbk&eitems=ChEI8I2CowYQ772jjZzHiIOQARIdAJupAypKNgxMewjlDcQmY-it-gmXUxhl3mDlM2Y&random=2539240228&ipr=y
Request Chain 95
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ozb7uXxLK1BQbmIwVzl4VnJFSHhLR3VTVFVXWUE0bWYrWmt4bTJuQnJuUEFpNXpyM3NudjFOYXFKOThucFQ5a29VZDZFc296RlNyRDBKTW51WXhkOFg2b2hrYlQ3eVU5Mkh0WWF3L1ZhVmhFUzBwaU84Y1BYZnQrNzVhdmVtdlI5S2kvVGZqLzF6QUxnOENuN1pReTJTbXJFcHN2MlNIdGNMU2o1NUY0UEY2S09ORjBCWGRJdGtHS0pSeFpRM2JDL1FCVXRvWk1JaUtrTnJxcDhBN2pTZWFkQVFWVUpndE5FcFBKd3NzTjg3REswemVGd2Q4dnBpem95Z0QxY2IreVNGYURKaVo4dXc5enBHYXZ4a3lQSjFQOXBuZz09fA&cppv=2
Request Chain 131
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ebe16460-e782-4500-a0a6-1dc52db12729&gdpr=0&gdpr_consent=
Request Chain 132
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336723200229105
Request Chain 133
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 134
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7195103447793568274
Request Chain 135
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4551528029839449851&gdpr=0&gdpr_consent=
Request Chain 136
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 137
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-RkDcKoaDXLiHgYh9hsYcawaDXHiTwwk90g3C_dz
Request Chain 138
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7233035547097102484&gdpr=0&gdpr_consent=
Request Chain 139
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHY1QwN0l3YzhBQUNEMG93YzJOUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGcT07Iwc8AACD0owc2NQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1954334274752897082&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGcT07Iwc8AACD0owc2NQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1954334274752897082%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1954334274752897082&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGcT07Iwc8AACD0owc2NQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGcT07Iwc8AACD0owc2NQ&gdpr=0&gdpr_consent=
Request Chain 140
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGDnggAJ_HswGQAn HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZGDnggAJ_HswGQAn&gdpr=1&gdpr_consent=&_test=ZGDnggAJ_HswGQAn
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=L2mYpY5KRb68e5c_f64E0Q%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 143
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1497351764 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1
Request Chain 144
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YjZmU3E3eWdQeGtRYi1IbC15RUUxMzRGUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=635146453989379027&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 145
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkY2OTk4QTUtOEU0QS00NUJFLUJDN0ItOTczRjdGQUUwNEQx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKr9RxTP49JSxGQlzTMDb9k&google_cver=1
Request Chain 148
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=635146453989379027
Request Chain 150
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-das34jtE2uXfVEEIFSsKosrwcgHMqTk-~A&gdpr=0
Request Chain 152
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=8ea390d7-5e0f-448f-80ea-cfc3a71c1f86&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=8ea390d7-5e0f-448f-80ea-cfc3a71c1f86&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=b632df4a-991d-40ea-b8f8-7c1eb6668028&ssp=pubmatic&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8ea390d7-5e0f-448f-80ea-cfc3a71c1f86&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 187
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGDngheklNpeOZ1CXrFjugAADUYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECYSnWcxRwCaJPf_WyU3cwo&google_cver=1
Request Chain 199
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZGDngheklNpeOZ1CXrFjugAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOGvKiYL9w76lT6XCxyeHPA&google_cver=1
Request Chain 200
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3341713350281898955
Request Chain 201
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4551528029839449851
Request Chain 223
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
  • https://tpc.googlesyndication.com/simgad/624907996767536446
Request Chain 224
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhOSDZHQ1UtMjEtSU5YSA==&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAQgcQmGETL-Uszd5WGNabg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhOSDZHQ1UtMjEtSU5YSA==&google_push=
Request Chain 225
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/i6tX2nPBro-VEQNB7dzqCcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ObLar2BE2oL8e5Qj_Rlm86rDTxk6afi6BaiV2Q--~A
Request Chain 226
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9iTicMgjRlad297ZJvGx3A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9iTicMgjRlad297ZJvGx3A
Request Chain 239
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzlkMDkxY2Q5N2Y5NDgzYjkyYjIzNzAxZDFkNDVmZTI4YmQwYWQzNA&us_privacy=1---
Request Chain 240
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PYWBKdurQfqNo8D1B29ERA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=PYWBKdurQfqNo8D1B29ERA
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ2Ac4Cx37uS421aiFfFeeU&google_cver=1
Request Chain 242
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHNH6GCU-21-INXH&us_privacy=1---
Request Chain 248
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 296
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HdRmrrutWZ5sztA1d4BNLlD_Csc&gdpr=0&gdpr_consent=
Request Chain 299
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 300
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 302
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&gdpr=0&gdpr_consent=
Request Chain 303
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=58c22e6ebd7d8b17/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVSjXXnUnhQTQShbT%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DuroLIz3lVSjXXnUnhQTQShbT%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVSjXXnUnhQTQShbT&gdpr=0&gdpr_consent=
Request Chain 304
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=dpr108v17znp
Request Chain 305
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1684072325178 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7289596952 HTTP 302
  • https://sync.1rx.io/usersync/turn/3341713350281898955?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a34f3279-45dd-464c-b825-f3016de0e65f-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-a34f3279-45dd-464c-b825-f3016de0e65f-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a34f3279-45dd-464c-b825-f3016de0e65f-003
Request Chain 307
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:122A398EB59E41789AAE032E0A7F286A&gdpr=0&gdpr_consent=
Request Chain 309
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 310
  • https://pixel.onaudience.com/?partner=214&mapped=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 311
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4551528029839449851
Request Chain 312
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3341713350281898955&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 313
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9bf02d42-fbaa-40eb-96a0-196677d028ea&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

327 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sanook.com/
Redirect Chain
  • http://sanook.com/
  • http://www.sanook.com/
  • https://www.sanook.com/
269 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.93.41 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
dbfed29103e9686ce4cec6e9703ac6208581c8311fae17556ae6cce51bdb36ea
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
public, s-maxage=15, max-age=5, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 14 May 2023 13:51:59 GMT
Proxy-Cache-Status
HIT
SN-Cache-Status
HIT
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding User-Agent
X-Cache-Status
MISS
X-Ua-Device
desktop
X-Ua-Exp
notset
X-Ua-Key
cover_display
X-Ua-Type
human

Redirect headers

Connection
keep-alive
Content-Length
151
Content-Type
text/html
Date
Sun, 14 May 2023 13:51:59 GMT
Location
https://www.sanook.com/
Proxy-Cache-Status
STALE
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Vary
User-Agent, Accept-Encoding
X-Cache-Status
MISS
pubmatic_desktop.1.0.0.js
s.isanook.com/sh/0/js/ 		1 KB
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 04 May 2023 16:05:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 May 2018 08:30:09 GMT
server
Lego Server
age
0
etag
W/"5afbec11-43f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17219272960652914036
accept-ranges
bytes
content-length
550
expires
Sat, 03 Jun 2023 16:05:46 GMT
publishertag.js
static.criteo.net/js/ld/ 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-1e357"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 May 2023 13:52:00 GMT
beacon.v1.js
p3.isanook.com/sh/0/js/ 		375 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:00 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 28 Nov 2013 06:56:15 GMT
server
Lego Server
etag
"5296e90f-177"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9498290736140758272
accept-ranges
bytes
content-length
266
bc1a5e788a33746f4adc.css
s.isanook.com/sr/0/_next/static/css/ 		42 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/bc1a5e788a33746f4adc.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
63f76efdf34dcee17d568b373f3b6616322a133cf8299dec72a3f9e74789e363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 02 May 2023 07:31:19 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Tue, 02 May 2023 04:19:29 GMT
server
Lego Server
age
0
etag
W/"64508f51-a6ad"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17621084472271684697
accept-ranges
bytes
content-length
8901
expires
Thu, 01 Jun 2023 07:31:19 GMT
webpack-a784bbed8e35519e83f2.js
s.isanook.com/sr/0/_next/static/chunks/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/webpack-a784bbed8e35519e83f2.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6d5ebc4be33dc468d3f5c59aa8ca1edc7c3c979191ce83138678daefc239a5b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:02:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
7870
server
Lego Server
age
0
etag
W/"645b4ddf-1ebe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
15131718452049262337
accept-ranges
bytes
content-length
4077
expires
Fri, 09 Jun 2023 08:02:30 GMT
framework-bccd505f411f10b308c7.js
s.isanook.com/sr/0/_next/static/chunks/ 		147 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 20:33:23 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
150360
server
Lego Server
age
1999396
etag
W/"642d31b2-24b58"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
18160774275264160998
accept-ranges
bytes
content-length
45781
expires
Fri, 05 May 2023 16:39:49 GMT
main-bcf4d111f618a82e6a4e.js
s.isanook.com/sr/0/_next/static/chunks/ 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/main-bcf4d111f618a82e6a4e.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1c4ab2f8971959b6a8e4375092eacd41007a97c2078e14af4dd43fdfea43bb6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:59:10 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 02 May 2023 07:43:28 GMT
server
Lego Server
age
55894
etag
W/"6450bf20-12af2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
17486305364652861707
accept-ranges
bytes
content-length
23884
expires
Thu, 01 Jun 2023 09:27:37 GMT
_app-a05a21fb5346d2f7b819.js
s.isanook.com/sr/0/_next/static/chunks/pages/ 		722 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-a05a21fb5346d2f7b819.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1d6eac41689357c3703d4153f73dd70d92087119106d4b79eb83969ed76af595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 04:51:54 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
739388
server
Lego Server
age
97
etag
W/"64587e39-b483c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
18054045193194972364
accept-ranges
bytes
content-length
174240
expires
Wed, 07 Jun 2023 04:47:32 GMT
2641-f644de276003517d4cf1.js
s.isanook.com/sr/0/_next/static/chunks/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2641-f644de276003517d4cf1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
347a1a93f15f2e4e49ec4956179590048c292cab68669b230759e5652eaefd65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:59:11 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 02 May 2023 10:56:50 GMT
server
Lego Server
age
0
etag
"6450ec72-7567"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
18385246204076686283
accept-ranges
bytes
content-length
7716
expires
Fri, 02 Jun 2023 00:59:11 GMT
8229-a3ffb213d38ea4b85bad.js
s.isanook.com/sr/0/_next/static/chunks/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8229-a3ffb213d38ea4b85bad.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0b93fcce3e4ed4086f6f2e19b753dfd7f9e48213ddba0ab5b8c9dfb2dc862ae0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 06:49:04 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 03 May 2023 08:41:48 GMT
server
Lego Server
age
0
etag
W/"64521e4c-7506"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
18035141193286730494
accept-ranges
bytes
content-length
6889
expires
Sun, 04 Jun 2023 06:49:04 GMT
9669-b56602280eb9384c191d.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:00:15 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 03 May 2023 04:58:47 GMT
server
Lego Server
age
0
etag
"6451ea07-35e2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13613770990045407649
accept-ranges
bytes
content-length
4715
expires
Fri, 02 Jun 2023 05:00:15 GMT
1354-e6e263fd45386d27bc3d.js
s.isanook.com/sr/0/_next/static/chunks/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1354-e6e263fd45386d27bc3d.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:59:13 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 02 May 2023 10:56:51 GMT
server
Lego Server
age
0
etag
W/"6450ec73-c680"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
16994540046846716982
accept-ranges
bytes
content-length
16570
expires
Fri, 02 Jun 2023 00:59:13 GMT
2962-603a28e62dde6ed2aedb.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2962-603a28e62dde6ed2aedb.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 03:06:57 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 11 Apr 2023 07:38:50 GMT
server
Lego Server
age
1821197
etag
W/"64350e8a-2ebe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4461361294806956799
accept-ranges
bytes
content-length
2738
expires
Fri, 12 May 2023 03:06:57 GMT
9047-2d652cafc35943e20d62.js
s.isanook.com/sr/0/_next/static/chunks/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9047-2d652cafc35943e20d62.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
50242617945a6f6a36fe2fd68afa582d0b765e127a17bfe46487e5cc3970bb18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 08:42:25 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 11 Apr 2023 07:38:50 GMT
server
Lego Server
age
1293839
etag
W/"64350e8a-38a5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2142672562917571457
accept-ranges
bytes
content-length
4475
expires
Thu, 11 May 2023 08:42:25 GMT
3253-079293c535abc2a452b6.js
s.isanook.com/sr/0/_next/static/chunks/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3253-079293c535abc2a452b6.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
3c306814caff0bcd34236c2f17695012ea796e2e7d0d1506ec323773f70596b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:24:51 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 03 May 2023 08:41:49 GMT
server
Lego Server
age
0
etag
"64521e4d-57ad"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8188362652173971900
accept-ranges
bytes
content-length
6481
expires
Sun, 07 May 2023 16:25:02 GMT
1350-ccbe2b949cfdea577ff1.js
s.isanook.com/sr/0/_next/static/chunks/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1350-ccbe2b949cfdea577ff1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
7492395fef5caac2500eb07ba8dbc30c0fa593fe2db43e89db33dc0d3af70e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 08:06:27 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 26 Apr 2023 07:40:58 GMT
server
Lego Server
age
0
etag
W/"6448d58a-3614"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9868516123818193835
accept-ranges
bytes
content-length
4649
expires
Fri, 26 May 2023 08:06:27 GMT
1216-75cdf64a6bee3b4a0f08.js
s.isanook.com/sr/0/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1216-75cdf64a6bee3b4a0f08.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 04:28:11 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 08 May 2023 10:46:58 GMT
server
Lego Server
age
0
etag
"6458d322-1ad7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1763647708756339853
accept-ranges
bytes
content-length
2537
expires
Thu, 08 Jun 2023 04:28:11 GMT
617-5cad0d06573dab8c8b0a.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/617-5cad0d06573dab8c8b0a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
68551662722fe4ed510f4d33fd3aee3dea77c47dff7584e8c50d1dc9241f22df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:59:14 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 02 May 2023 10:56:52 GMT
server
Lego Server
age
0
etag
W/"6450ec74-3fa3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13738615858788858818
accept-ranges
bytes
content-length
4581
expires
Fri, 02 Jun 2023 00:59:14 GMT
5886-0250f3a1d32ffcdd3e37.js
s.isanook.com/sr/0/_next/static/chunks/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5886-0250f3a1d32ffcdd3e37.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0efc2b3150feea54abc6285d834aaea36661ffd5acb56047656748c731d12330

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 00:28:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 08 May 2023 10:46:56 GMT
server
Lego Server
age
0
etag
W/"6458d320-14109"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11258959768241546471
accept-ranges
bytes
content-length
26131
expires
Fri, 09 Jun 2023 00:28:30 GMT
5616-5f8425f3631c502b5b56.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5616-5f8425f3631c502b5b56.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 00:03:49 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
9072
server
Lego Server
age
1173683
etag
W/"6446323d-2370"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12822248913117923089
accept-ranges
bytes
content-length
3074
expires
Thu, 25 May 2023 09:53:14 GMT
6066-d50250a536141f89d39a.js
s.isanook.com/sr/0/_next/static/chunks/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6066-d50250a536141f89d39a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 01:23:45 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
38372
server
Lego Server
age
68201
etag
W/"6458824e-95e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
3956129224889879358
accept-ranges
bytes
content-length
9956
expires
Wed, 07 Jun 2023 06:04:25 GMT
6394-4c13bb638cce24c456c7.js
s.isanook.com/sr/0/_next/static/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6394-4c13bb638cce24c456c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b02bf2a8d76d3e8d58db00ee7d49100ee09d44b38d1d363bdbd33f9c72e92da1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:59:14 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 02 May 2023 10:56:50 GMT
server
Lego Server
age
0
etag
W/"6450ec72-123d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
18181623219461536687
accept-ranges
bytes
content-length
2123
expires
Fri, 02 Jun 2023 00:59:14 GMT
2930-1d636baa27e7b232fd40.js
s.isanook.com/sr/0/_next/static/chunks/ 		213 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2930-1d636baa27e7b232fd40.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
f2489f38c5105dd0b3f40e24e240e10186fac5edc6b6bc730fbab98dfff50511

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 04:51:54 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
217628
server
Lego Server
age
124
etag
W/"64587e37-3521c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
15719199056406038415
accept-ranges
bytes
content-length
29508
expires
Wed, 07 Jun 2023 04:47:32 GMT
2996-fb071b42b1a12f78d5ec.js
s.isanook.com/sr/0/_next/static/chunks/ 		92 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2996-fb071b42b1a12f78d5ec.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
13e6896962e02b5d34f51768df79aca99d7ec1d5b2eb207c062d134e48aeb5c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 05:09:34 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 12 May 2023 10:13:29 GMT
server
Lego Server
age
0
etag
W/"645e1149-16f46"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4421806578809237036
accept-ranges
bytes
content-length
16728
expires
Mon, 12 Jun 2023 05:09:34 GMT
1250-b6785b0363b057ac38e4.js
s.isanook.com/sr/0/_next/static/chunks/ 		196 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1250-b6785b0363b057ac38e4.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
4dc93981100acbe828b7688916d99992d46f25fef3ab78cfe26fc7bd93de403f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 02:43:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
200732
server
Lego Server
age
84
etag
W/"64585fcf-3101c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1826392956384083902
accept-ranges
bytes
content-length
41794
expires
Wed, 07 Jun 2023 02:41:36 GMT
5269-db5dd255a772d738f735.js
s.isanook.com/sr/0/_next/static/chunks/ 		242 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5269-db5dd255a772d738f735.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8bb95a8801494a5ea278fd9da6f87ac41a0a049f6e041a52fd28a8f9db53aed7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 04:28:13 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 08 May 2023 10:46:59 GMT
server
Lego Server
age
0
etag
"6458d323-3c632"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4433123680827595719
accept-ranges
bytes
content-length
19346
expires
Thu, 08 Jun 2023 04:28:13 GMT
3316-c2db2abb0c275a7040e2.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3316-c2db2abb0c275a7040e2.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d38961bd0b1ca21df559b911d10e02450f663398373f3e6ac76eb31809b5b75e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 04:28:15 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 08 May 2023 10:46:58 GMT
server
Lego Server
age
0
etag
W/"6458d322-4663"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5933035967570522866
accept-ranges
bytes
content-length
4351
expires
Thu, 08 Jun 2023 04:28:15 GMT
2182-c812998b9bfd40b7bc57.js
s.isanook.com/sr/0/_next/static/chunks/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2182-c812998b9bfd40b7bc57.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9ccdbec9e927128d190882fdc2b16952ae59a95bfe6f179416ecd98d4aeef7ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 08:06:31 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 26 Apr 2023 07:40:57 GMT
server
Lego Server
age
0
etag
W/"6448d589-39ae"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
744988664252480902
accept-ranges
bytes
content-length
3109
expires
Fri, 26 May 2023 08:06:31 GMT
7634-9c48588a06a20cc2cfaa.js
s.isanook.com/sr/0/_next/static/chunks/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7634-9c48588a06a20cc2cfaa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
696ebff2f6fb069f9f94ffe87bf3afc534a4dc68dee592c312549170a6e0e9d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 04:28:16 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 08 May 2023 10:46:57 GMT
server
Lego Server
age
0
etag
W/"6458d321-371e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
3181343566044312334
accept-ranges
bytes
content-length
2599
expires
Thu, 08 Jun 2023 04:28:16 GMT
8316-9ad24919e3bbc1097ada.js
s.isanook.com/sr/0/_next/static/chunks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8316-9ad24919e3bbc1097ada.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0f39b97ea3de277e244ee8e16478fc327588d22f6d7337c4828daba88b12c9fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 17:50:07 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 24 Apr 2023 07:39:42 GMT
server
Lego Server
age
33045
etag
W/"6446323e-243b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7498662961510151526
accept-ranges
bytes
content-length
3100
expires
Mon, 24 Apr 2023 17:50:08 GMT
2511-074af1450db624a7f16d.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2511-074af1450db624a7f16d.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
cddb1b19e0e1005bf53cca0d8643347cabfc48c3f355d7ada6e596a81fd2abb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 04 May 2023 16:05:47 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 07 Apr 2023 11:45:50 GMT
server
Lego Server
age
2255281
etag
"6430026e-3ebe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
10991789065656449264
accept-ranges
bytes
content-length
3106
expires
Mon, 08 May 2023 13:37:47 GMT
7605-f3d5ddfde21b6623d81b.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7605-f3d5ddfde21b6623d81b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
65e08beb42a478adfc09e060a428ebe8d50160a8a8cc48edd5ee1cd2d3ab298c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 04 May 2023 16:05:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 03 May 2023 08:41:49 GMT
server
Lego Server
age
0
etag
W/"64521e4d-499a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15522561906857749490
accept-ranges
bytes
content-length
3020
expires
Sat, 03 Jun 2023 16:05:48 GMT
8554-9fd916aeac27f92496e4.js
s.isanook.com/sr/0/_next/static/chunks/ 		34 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8554-9fd916aeac27f92496e4.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
425396deda5e55615b9639c0248b4ac8f469509681a8e531f2eb04bfb2227842

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:52:21 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
34865
server
Lego Server
age
0
etag
W/"6450ec72-8831"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
18132296169355973402
accept-ranges
bytes
content-length
6490
expires
Fri, 02 Jun 2023 00:52:21 GMT
firstpage-d7214b2d0a92eb7f36e8.js
s.isanook.com/sr/0/_next/static/chunks/pages/common/ 		288 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/pages/common/firstpage-d7214b2d0a92eb7f36e8.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a7d76b35d274580e0e567470447b9fc79a62f95d072ec6614bf80aff36b790d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 02:44:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
295308
server
Lego Server
age
93
etag
W/"64585fd0-4818c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12684222551627326787
accept-ranges
bytes
content-length
48639
expires
Wed, 07 Jun 2023 02:42:50 GMT
_buildManifest.js
s.isanook.com/sr/0/_next/static/pnnPgTHkmrwK-U8WXne3J/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/pnnPgTHkmrwK-U8WXne3J/_buildManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6fd17e5ca08fd57b27c7837eaf220d5ebfdfbfe8d4cf29f8a3209999ba91e9f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 07:49:59 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
22268
server
Lego Server
age
6
etag
W/"64609170-56fc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
3578405536437085487
accept-ranges
bytes
content-length
5679
expires
Tue, 13 Jun 2023 07:47:33 GMT
_ssgManifest.js
s.isanook.com/sr/0/_next/static/pnnPgTHkmrwK-U8WXne3J/ 		77 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/pnnPgTHkmrwK-U8WXne3J/_ssgManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 07:47:32 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
77
server
Lego Server
age
0
etag
"64609170-4d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
5063145133057559785
accept-ranges
bytes
content-length
61
expires
Tue, 13 Jun 2023 07:47:32 GMT
gtm.js
www.googletagmanager.com/ 		219 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ff66a56cb847fc9d5f3527bc56a81af7699106b2ddd11647493016e1076afe95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72354
x-xss-protection
0
last-modified
Sun, 14 May 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 May 2023 13:52:00 GMT
d0004449.js
lvs2.truehits.in.th/dataa/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.58.217 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-58-217.northern.inet.co.th
Software
nginx/1.23.3 /
Resource Hash
18af8ba9056199281dce1d7d08bf78d7555be69f9bc9baf180f7df1a6e2a169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:01 GMT
last-modified
Thu, 11 May 2023 07:02:00 GMT
server
nginx/1.23.3
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type
application/x-javascript
cache-control
max-age=604800
content-length
8719
expires
Sun, 21 May 2023 13:52:01 GMT
a102.js
sal.isanook.com/js/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/js/a102.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.165 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-165.static.asianet.co.th
Software
nginx /
Resource Hash
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Sun, 14 May 2023 13:52:03 GMT
Last-Modified
Mon, 10 Aug 2020 09:23:14 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24035
Expires
Tue, 13 Jun 2023 13:52:03 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 14 May 2023 13:52:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
XDZnO0IZRg6SyZ06Lbjn8N5/cq7FYVFCtjuUKJWKJoSxASM/GO6vrAekTMxVOxkgvwcKlvzNEC5/RIUAmA50rA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 		43 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 08:51:24 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 08 Feb 2011 09:07:23 GMT
server
Lego Server
age
0
etag
"4d5107cb-2b"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=2592000
x-nws-log-uuid
661809044171144531
accept-ranges
bytes
content-length
43
expires
Thu, 08 Jun 2023 08:51:24 GMT
ic-lotto.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-lotto.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 07 May 2023 10:47:11 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 03 May 2023 08:42:04 GMT
server
Lego Server
age
0
etag
"64521e5c-b1f"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
12060538330434705325
accept-ranges
bytes
content-length
2847
joox.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		1 KB
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/joox.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 16:49:07 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 03 May 2023 08:42:04 GMT
server
Lego Server
age
0
etag
W/"64521e5c-4e7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
2529276806057107673
accept-ranges
bytes
content-length
548
expires
Mon, 05 Jun 2023 16:49:07 GMT
wetv.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wetv.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 07 May 2023 08:20:50 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 03 May 2023 08:42:04 GMT
server
Lego Server
age
0
etag
W/"64521e5c-1a5b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
17608389822748186020
accept-ranges
bytes
content-length
1827
expires
Tue, 06 Jun 2023 08:20:50 GMT
wecomics-d.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wecomics-d.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:21:58 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 03 May 2023 08:42:04 GMT
server
Lego Server
age
0
etag
"64521e5c-bec"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
3311476038056782310
accept-ranges
bytes
content-length
3052
pubg.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/firstpage/desktop/icons/pubg.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 12:18:41 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 08 May 2023 10:47:13 GMT
server
Lego Server
age
0
etag
"6458d331-8c6"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
17379557033522921628
accept-ranges
bytes
content-length
2246
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM1MjkvZWxlY3Rpb24tcmVzdWx0czAxLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w555h333/yatxacm1w0/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w555h333/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM1MjkvZWxlY3Rpb24tcmVzdWx0czAxLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5e350907213334d6abaa825eca66b00c57971d80772e7bfe440345ec00ce2be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:02:15 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
52906
server
Lego Server
age
0
etag
W/"PSA-aj-EwpEmZUBhC"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591943
x-nws-log-uuid
1666141282591843826
accept-ranges
bytes
content-length
42454
expires
Tue, 13 Jun 2023 12:01:19 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM1ODUvb2hvaG8uanBn.jpg
s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM1ODUvb2hvaG8uanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2d74536b9b773e6478091f6a064af85b572c2b5d5d643dd955fbd764ba3966a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:20:09 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
W/"PSA-JQEmSFsq3C"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9415040364066880096
accept-ranges
bytes
content-length
16062
expires
Tue, 13 Jun 2023 13:20:09 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzMzMTcvdGFnbGluZS10ZW1wbGF0ZS11cGRhdGUtYXByaWwuanBn.jpg
s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzMzMTcvdGFnbGluZS10ZW1wbGF0ZS11cGRhdGUtYXByaWwuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
3d64c393a3454d460a9969dea580d4a6bf26fd8057afa3ac6249388c731aab27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:07:38 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
7425
server
Lego Server
age
0
etag
W/"PSA-aj-2q5qcIFVH-"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591943
x-nws-log-uuid
4646195054254285273
accept-ranges
bytes
content-length
6173
expires
Tue, 13 Jun 2023 13:06:42 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM0NDkvcF9zcG9ydCgxNykuanBn.jpg
s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM0NDkvcF9zcG9ydCgxNykuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
1f0b4e2930056936a7b4e0e027d3f10488a61e3268e58d06147d7e1fcc0f5c53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:07:38 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
13636
server
Lego Server
age
0
etag
W/"PSA-aj-GkvIIxgZo_"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591941
x-nws-log-uuid
13277299728653935724
accept-ranges
bytes
content-length
12371
expires
Tue, 13 Jun 2023 13:06:40 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzMzMDEvNC5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzMzMDEvNC5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
30c5b1554b632083980f5eb99b674774b28d09a7f44f86f85fccc551695f9142

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:07:38 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
12647
server
Lego Server
age
0
etag
W/"PSA-aj-nqRf0N_kWD"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591941
x-nws-log-uuid
2293570371279330333
accept-ranges
bytes
content-length
10685
expires
Tue, 13 Jun 2023 13:06:40 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzMzMjkvMS5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzMzMjkvMS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
2c6c8105077ab659bb2d43e2be89dd3aca47b431e0c1feb9e5cb4bad5003f421

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:07:38 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
8418
server
Lego Server
age
0
etag
W/"PSA-aj-yWyHpVOxy-"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591941
x-nws-log-uuid
6506242488363994638
accept-ranges
bytes
content-length
7267
expires
Tue, 13 Jun 2023 13:06:40 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzcxLzE4NTc1ODEvMDAoMykuanBn.jpg
s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzcxLzE4NTc1ODEvMDAoMykuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
bbb7e880ada59b0dbace7d845b2d52b3bf858b8f0918363a07077279285e1818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:07:38 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
4515
server
Lego Server
age
0
etag
W/"PSA-aj-EtdJUMU2ot"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591943
x-nws-log-uuid
641513785607638995
accept-ranges
bytes
content-length
4022
expires
Tue, 13 Jun 2023 13:06:42 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzAyMTMvZWxlY3Rpb24tY3Jvc3MtMDEuanBn.jpg
s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzAyMTMvZWxlY3Rpb24tY3Jvc3MtMDEuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
430ecf099c86f7249fb00216fb559ab42bdcdf23dccddfec85987ce3bec6b1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 14:14:48 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
9616
server
Lego Server
age
0
etag
W/"PSA-aj-bdCBcrxc97"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591800
x-nws-log-uuid
11922909452999631014
accept-ranges
bytes
content-length
7790
expires
Mon, 05 Jun 2023 14:11:29 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzczLzE4NjUxMjUvaDkuanBn.jpg
s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzczLzE4NjUxMjUvaDkuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
b507d2ac7c73d6a028c197a299fddb97b5b79fb41c8d16b8ffddc962ed747df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:07:38 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
3816
server
Lego Server
age
0
etag
W/"PSA-aj-QTwFAZveNv"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591941
x-nws-log-uuid
4670831759192967280
accept-ranges
bytes
content-length
3260
expires
Tue, 13 Jun 2023 13:06:40 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzMzOTMvcC5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzMzOTMvcC5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
e19671ef450091de37d9ad9a9bc8a043298b9514b876cd59843edbeaf33ac168

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:25:25 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
6399
server
Lego Server
age
0
etag
W/"PSA-aj-WAf4cfk8Lh"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591986
x-nws-log-uuid
12287485764094833814
accept-ranges
bytes
content-length
5394
expires
Tue, 13 Jun 2023 13:25:12 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzIzNjEvYWljb3NwbGF5XzR0aF9zZXQuanBn.jpg
s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzIzNjEvYWljb3NwbGF5XzR0aF9zZXQuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
6c640da6393753b2e4050c43ac4087fc4fc4d6b86c9637f8b11e428517ce98ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 17:06:47 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
8847
server
Lego Server
age
0
etag
W/"PSA-aj-9j3SgjUssG"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591981
x-nws-log-uuid
16821069085615410909
accept-ranges
bytes
content-length
7504
expires
Sat, 10 Jun 2023 17:06:29 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzI1NzcvdGFnbGluZS10ZW1wbGF0ZS11cGRhdGUtYXByaWwuanBn.jpg
s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzI1NzcvdGFnbGluZS10ZW1wbGF0ZS11cGRhdGUtYXByaWwuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5e640a2cd36dc4423f5be1715edbf9a3a5b19b774c012eaab8803c0f63bffd57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 09:05:22 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
7105
server
Lego Server
age
0
etag
W/"PSA-aj-8WvnCHK_zh"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591871
x-nws-log-uuid
13391402576708463273
accept-ranges
bytes
content-length
5609
expires
Tue, 13 Jun 2023 09:03:14 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzYzLzE4MTc0MjkvdGFnbGluZS10ZW1wbGF0ZS11cGRhdGUoNykuanBn.jpg
s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w172h97/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzYzLzE4MTc0MjkvdGFnbGluZS10ZW1wbGF0ZS11cGRhdGUoNykuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
70fbcd913b6b112aff02189897d364a6b8a011e3dbe23751c28d049dd8841631

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 11:06:24 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17739184305638410707
accept-ranges
bytes
content-length
3830
expires
Tue, 13 Jun 2023 11:06:24 GMT
oppa.js
p3.isanook.com/sh/0/js/ 		487 B
526 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/oppa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
5c9ffe1bfb0d4ac195af879d7ce333dde2534bb66d93e990d52c421891d8b746

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 06:21:37 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
487
server
Lego Server
age
2493824
etag
W/"PSA-aj-2J8lsPvpC5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12431825014395049528
accept-ranges
bytes
content-length
323
expires
Fri, 28 Apr 2023 17:28:58 GMT
db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js
s.isanook.com/sr/0/js/izooto/ 		209 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
04739cdd0a9f88f3ceac9851166b8376d4d10cc38cff7f92edc30d5e298d11b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 06:49:07 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 03 May 2023 08:42:21 GMT
server
Lego Server
age
0
etag
W/"64521e6d-34574"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2748873451184679811
accept-ranges
bytes
content-length
55174
expires
Sun, 04 Jun 2023 06:49:07 GMT
1489944661112333
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1489944661112333?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e94c370cc0d6136c5507a2f2be89550f6f8b09591630668f1bb921306c2a3ca
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 14 May 2023 13:52:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88183
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
slR6+ioeCSjSZRlDcFe+fFhG6TzfpkEErMNpAAYUxyMIjcxjV4nxPeaG4UZi7TKS5YFll64FkNkzBa+VsfejDg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
logo-sanook-n.svg
s.isanook.com/sr/0/images/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/logo-sanook-n.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 20:09:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 12 May 2023 10:13:43 GMT
server
Lego Server
age
0
etag
W/"645e1157-2b18"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
4072291309568728370
accept-ranges
bytes
content-length
4394
expires
Mon, 12 Jun 2023 20:09:29 GMT
prompt-regular-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-regular-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:51:26 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 08 May 2023 10:47:01 GMT
server
Lego Server
age
37924
etag
"6458d325-c8dc"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
11975277349015643212
accept-ranges
bytes
content-length
51420
expires
Thu, 08 Jun 2023 05:51:26 GMT
SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:55:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 08 May 2023 10:47:03 GMT
server
Lego Server
age
25719
etag
W/"6458d327-7a90"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
140611298796716776
accept-ranges
bytes
content-length
31404
expires
Thu, 08 Jun 2023 05:55:53 GMT
prompt-bold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-bold-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 07:12:07 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 10 May 2023 11:30:46 GMT
server
Lego Server
age
8542
etag
"645b8066-cf40"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
734653470382219890
accept-ranges
bytes
content-length
53056
expires
Sat, 10 Jun 2023 07:12:07 GMT
prompt-semibold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/prompt/prompt-semibold-webfont.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 08:00:01 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 03 May 2023 08:41:53 GMT
server
Lego Server
age
3538
etag
"64521e51-c930"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
3658001088475875618
accept-ranges
bytes
content-length
51504
expires
Mon, 05 Jun 2023 08:00:01 GMT
SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 10:30:22 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 24 Apr 2023 07:39:47 GMT
server
Lego Server
age
1235392
etag
"64463243-7df4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
1594572402291661699
accept-ranges
bytes
content-length
32244
expires
Thu, 25 May 2023 10:30:22 GMT
optimize.js
www.googleoptimize.com/ 		121 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65c5209bee6152d1232aa12aa2c9cd97a27c393de23700d078e0ff08d3afb7d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
47549
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 May 2023 13:52:01 GMT
/
www.googleadservices.com/pagead/conversion/1007499765/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1007499765/?random=1684072320410&cv=11&fst=1684072320410&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&bttype=purchase&auid=375541212.1684072320&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8429e638fc94861f35de8542c469761b523fbd524c4aff71f55155dbc70d0801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1643
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1684072320416&cv=11&fst=1684072320416&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=375541212.1684072320&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be73eb199a6134fce000f9b74786b26354f11cfad9d3fe3ce937725305fc023a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1242
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2F&rl=&if=false&ts=1684072320433&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684072320433.1426097308&it=1684072320327&coo=false&rqm=GET
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 14 May 2023 13:52:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ Frame 023F 		0
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.sanook.com
Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.sanook.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 13:52:00 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
base-icon-v1.0.45.woff2
s.isanook.com/sr/0/fonts/icon/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.45.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
14642d9bda67d96a5291f33bb8c703967c8f2ac0214efe41b0c453aaa369cc6e

Request headers

Referer
https://www.sanook.com/
Origin
https://www.sanook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 08:56:13 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 12 May 2023 10:13:33 GMT
server
Lego Server
age
0
etag
"645e114d-9d84"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
5179611090088235266
accept-ranges
bytes
content-length
40324
expires
Mon, 12 Jun 2023 08:56:13 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 		2 MB
239 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fef4faae40a223746521b1ac55c3e99aacc17151dcef5f0397c18e8b6879c42c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:01 GMT
content-encoding
gzip
last-modified
Wed, 10 May 2023 07:46:04 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=116316
accept-ranges
bytes
content-length
243413
expires
Mon, 15 May 2023 22:10:37 GMT
hub.html
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame E864 		236 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-a05a21fb5346d2f7b819.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
805063
cache-control
no-cache, max-age=0
content-length
236
content-type
text/html
date
Fri, 05 May 2023 06:14:18 GMT
server
Lego Server
vary
Accept-Encoding
x-cache-lookup
Cache Miss Cache Miss Cache Miss Hit From Inner Cluster
x-nws-log-uuid
7506944035012851651
x-page-speed
1.13.35.2-0
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22hotnews%22%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873529%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873633%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873681%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873537%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873665%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873585%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873317%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873449%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873301%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873329%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1857581%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1870213%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1865125%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873393%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1872361%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1872577%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1817429%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%221474309c383bf4a103df9ccddde816058e046508%22%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.93.41 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Sun, 14 May 2023 13:52:02 GMT
G-API-Cache-Status
BYPASS
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Vary
Origin
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22ch-entertain%22%5D%7D%5D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873529%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873633%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873681%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873537%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873665%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873585%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873317%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873449%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873301%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873329%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1857581%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1870213%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1865125%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873393%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1872361%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1872577%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1817429%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%221474309c383bf4a103df9ccddde816058e046508%22%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.93.41 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
300
Connection
keep-alive
Date
Sun, 14 May 2023 13:52:02 GMT
G-API-Cache-Status
BYPASS
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Vary
Origin
cookiepolicy.png
s.isanook.com/sr/0/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/cookiepolicy.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 16:29:53 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 03 May 2023 08:42:02 GMT
server
Lego Server
age
0
etag
"64521e5a-428b"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
17208579298144167386
accept-ranges
bytes
content-length
17035
sanook_trend
sloth-api.sanook.com/api/ 		689 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sloth-api.sanook.com/api/sanook_trend?channel=all&t=467797
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.93.46 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-46.static.asianet.co.th
Software
nginx / Express
Resource Hash
fed24d17bedc5029900e13e8bdefb58dd8f025a89d9a0ce8dd7dbfdb38d35202

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

X-Response-Time
2.629ms
Date
Sun, 14 May 2023 13:52:04 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"2b1-SO0W9t2xNM4ffRmGcA75fyS3azw"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
689
Expires
Tue, 13 Jun 2023 13:52:04 GMT
title-vote.png
s.isanook.com/sr/0/images/events/2023/hbdproject/june/desktop/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/hbdproject/june/desktop/title-vote.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
582393be1813e52d588f9c0b62f8ebf67ad5d9e1aba1d810611ea9303817a45e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:37:50 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
66912
server
Lego Server
age
0
etag
W/"PSA-aj-vaXoE8gOab"
content-type
image/png
x-nws-log-uuid
8732807060445070948
accept-ranges
bytes
content-length
50332
expires
Mon, 08 May 2023 03:40:56 GMT
/
graph.sanook.com/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22hotnews%22%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873529%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873633%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873681%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873537%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873665%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873585%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873317%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873449%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873301%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873329%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1857581%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1870213%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1865125%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873393%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1872361%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1872577%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1817429%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%221474309c383bf4a103df9ccddde816058e046508%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-a05a21fb5346d2f7b819.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.93.41 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
390c7a083630523df13c0acd5a01ed407422c105d4c2e896e7dae5ab34440604
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
application/json

Response headers

Date
Sun, 14 May 2023 13:52:02 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Server
nginx
X-Cache-Status
EXPIRED
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials
true
G-API-Cache-Status
HIT
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
/
graph.sanook.com/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22ch-entertain%22%5D%7D%5D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873529%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873633%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873681%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873537%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873665%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873585%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873317%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873449%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873301%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873329%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1857581%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1870213%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1865125%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1873393%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1872361%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1872577%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1817429%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%221474309c383bf4a103df9ccddde816058e046508%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-a05a21fb5346d2f7b819.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.93.41 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-41.static.asianet.co.th
Software
nginx /
Resource Hash
37f0083e3ccae47923056a2cf1bcd82ebf8ba1f8d53c6bc28f2fd72e1c2c9a6d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
application/json

Response headers

Date
Sun, 14 May 2023 13:52:02 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Server
nginx
X-Cache-Status
EXPIRED
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials
true
G-API-Cache-Status
HIT
Connection
keep-alive
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
syncframe
gum.criteo.com/ Frame 5510 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 13:52:01 GMT
server
Kestrel
server-processing-duration-in-ticks
489829
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
btn-close.png
s.isanook.com/sr/0/images/events/2023/hbdproject/june/desktop/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/hbdproject/june/desktop/btn-close.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c3fd8d1ca0927bef0d34534e1ae91c92cf336842f17f6f08d7907180529acd1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:15:56 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 11 May 2023 09:35:43 GMT
server
Lego Server
age
0
etag
"645cb6ef-8ab"
content-type
image/png
cache-control
s-maxage=10
x-nws-log-uuid
1557245508222167436
accept-ranges
bytes
content-length
2219
bg-vote.png
s.isanook.com/sr/0/images/events/2023/hbdproject/june/desktop/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/hbdproject/june/desktop/bg-vote.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0a62a445564da839be3d2fa0aef9f81b08d4869dbe8b0f63a0864f60b172a640

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:35:56 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
"64585fd8-2866e"
content-type
image/png
x-nws-log-uuid
3838594759746695514
accept-ranges
bytes
content-length
165486
expires
Mon, 08 May 2023 03:40:56 GMT
button-v.png
s.isanook.com/sr/0/images/events/2023/hbdproject/june/desktop/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2023/hbdproject/june/desktop/button-v.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a74b93030e1ae059d7d2437c8232abacd76d03e1626b9ee417ac2dcca41a38bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:37:51 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
4902
server
Lego Server
age
0
etag
W/"PSA-aj-qi-nQmtHk1"
content-type
image/png
x-nws-log-uuid
7983156947270708095
accept-ranges
bytes
content-length
2850
expires
Mon, 08 May 2023 03:40:56 GMT
/
www.google.de/pagead/1p-conversion/1007499765/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=139786315&cv=11&fst=1684072320410&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=139786315&cv=11&fst=1684072320410&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=J...
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=139786315&cv=11&fst=1684072320410&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=Jx...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1007499765/?random=139786315&cv=11&fst=1684072320410&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=375541212.1684072320&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEkyQ293WVFnYVdvMHRqdTVMMEdFaVVBNjlqUmNIeTB3cFRURXlxV2pqYTZXWTNVUEZ6bk9oaEVkNzA5Q2JMRTg5QUpsUnJnGlhDaEVJOEkyQ293WVFfTmVnM3JuYW9xdWxBUkl0QUh5cy1NLTY5V0QwN2htSzBJRVdtd3N1cXdPbW5WOC12X0RNSTNWNi03XzBfSExNZW9BbUtuYjVkbWZT&is_vtc=1&ocp_id=gedgZN6FAZrI7_UP9OGsuAM&cid=CAQSKQBygQiDG_m2lhO7HwALRyLnymg2j2vUtYU_MXb4xdds4SLaA2lJQPbk&eitems=ChEI8I2CowYQ772jjZzHiIOQARIdAJupAypKNgxMewjlDcQmY-it-gmXUxhl3mDlM2Y&random=2539240228&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1007499765/?random=139786315&cv=11&fst=1684072320410&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=375541212.1684072320&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEkyQ293WVFnYVdvMHRqdTVMMEdFaVVBNjlqUmNIeTB3cFRURXlxV2pqYTZXWTNVUEZ6bk9oaEVkNzA5Q2JMRTg5QUpsUnJnGlhDaEVJOEkyQ293WVFfTmVnM3JuYW9xdWxBUkl0QUh5cy1NLTY5V0QwN2htSzBJRVdtd3N1cXdPbW5WOC12X0RNSTNWNi03XzBfSExNZW9BbUtuYjVkbWZT&is_vtc=1&ocp_id=gedgZN6FAZrI7_UP9OGsuAM&cid=CAQSKQBygQiDG_m2lhO7HwALRyLnymg2j2vUtYU_MXb4xdds4SLaA2lJQPbk&eitems=ChEI8I2CowYQ772jjZzHiIOQARIdAJupAypKNgxMewjlDcQmY-it-gmXUxhl3mDlM2Y&random=2539240228&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame D53A 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
271408
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
7c739e891e659a00-FRA
content-encoding
br
content-type
text/html
date
Sun, 14 May 2023 13:52:01 GMT
expires
Wed, 14 Jun 2023 13:52:01 GMT
last-modified
Tue, 07 Feb 2023 10:27:13 GMT
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 May 2023 12:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4582
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 14 May 2023 14:35:39 GMT
/
www.google.com/pagead/1p-user-list/408516141/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/408516141/?random=1684072320416&cv=11&fst=1684069200000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&fmt=3&is_vtc=1&random=1110294015&rmt_tld=0&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/408516141/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/408516141/?random=1684072320416&cv=11&fst=1684069200000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&fmt=3&is_vtc=1&random=1110294015&rmt_tld=1&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 06:03:54 GMT
content-encoding
gzip
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
28088
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
jWMdWaCiT2r5BQZ5g4LOwLpU-E56NVuCl2PMVKZKvIuV7pI8TeP35A==
js
www.googletagmanager.com/gtag/ 		230 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6845354fd79c0af37cd71a0c92f57e12ec463571b296718c0cae8ab7a5b6c830
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81304
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 May 2023 13:52:01 GMT
container_57b51f2f1c51b15b6d1e8553.js
avd.innity.net/225/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.215.19.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-19-214.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Sun, 14 May 2023 13:52:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:27:45 GMT
Server
nginx/1.20.1
ETag
"5f48c001-20eb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=461072
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3222
Expires
Fri, 19 May 2023 21:56:33 GMT
sid
mug.criteo.com/ Frame 5510
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=ozb7uXxLK1BQbmIwVzl4VnJFSHhLR3VTVFVXWUE0bWYrWmt4bTJuQnJuUEFpNXpyM3NudjFOYXFKOThucFQ5a29VZDZFc296RlNyRDBKTW51WXhkOFg2b2hrYlQ3eVU5Mkh0WWF3L1ZhVmhFUzBwaU84Y1BYZnQrNzVhdm...
443 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ozb7uXxLK1BQbmIwVzl4VnJFSHhLR3VTVFVXWUE0bWYrWmt4bTJuQnJuUEFpNXpyM3NudjFOYXFKOThucFQ5a29VZDZFc296RlNyRDBKTW51WXhkOFg2b2hrYlQ3eVU5Mkh0WWF3L1ZhVmhFUzBwaU84Y1BYZnQrNzVhdmVtdlI5S2kvVGZqLzF6QUxnOENuN1pReTJTbXJFcHN2MlNIdGNMU2o1NUY0UEY2S09ORjBCWGRJdGtHS0pSeFpRM2JDL1FCVXRvWk1JaUtrTnJxcDhBN2pTZWFkQVFWVUpndE5FcFBKd3NzTjg3REswemVGd2Q4dnBpem95Z0QxY2IreVNGYURKaVo4dXc5enBHYXZ4a3lQSjFQOXBuZz09fA&cppv=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5ef1f9afe5400a1e9619e2ab2cec83ec5961bf45520ea8cdf00c6229e90ef656
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1418578
expires
0

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=ozb7uXxLK1BQbmIwVzl4VnJFSHhLR3VTVFVXWUE0bWYrWmt4bTJuQnJuUEFpNXpyM3NudjFOYXFKOThucFQ5a29VZDZFc296RlNyRDBKTW51WXhkOFg2b2hrYlQ3eVU5Mkh0WWF3L1ZhVmhFUzBwaU84Y1BYZnQrNzVhdmVtdlI5S2kvVGZqLzF6QUxnOENuN1pReTJTbXJFcHN2MlNIdGNMU2o1NUY0UEY2S09ORjBCWGRJdGtHS0pSeFpRM2JDL1FCVXRvWk1JaUtrTnJxcDhBN2pTZWFkQVFWVUpndE5FcFBKd3NzTjg3REswemVGd2Q4dnBpem95Z0QxY2IreVNGYURKaVo4dXc5enBHYXZ4a3lQSjFQOXBuZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
291647
content-length
0
expires
0
floors.json
ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/ 		2 KB
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/floors.json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9af13b9e5f07aff41e140edcd380b63f9b5f624e445623665710f902c7c546ae

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 May 2023 13:52:01 GMT
content-encoding
gzip
last-modified
Sat, 13 May 2023 01:16:32 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
application/json
cache-control
max-age=41064
access-control-allow-credentials
true
accept-ranges
bytes
content-length
349
expires
Mon, 15 May 2023 01:16:25 GMT
gpt.js
www.googletagservices.com/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b01878bb14cf38583deae6167267f1f3e2cf4596d5f061cda02f93b0fe22e1af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25236
x-xss-protection
0
server
cafe
etag
341 / 19491 / m202305090101 / config-hash: 12209807291441061903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 14 May 2023 13:52:01 GMT
goggen.php
lvs2.truehits.in.th/ 		91 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=1kmabSf6feG8CSdjcoTFNg%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=727CD550.1&fp=d&fv=-&truehitspage=sanook.www.index&truehitsurl=https%3a//www.sanook.com/&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.58.217 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-58-217.northern.inet.co.th
Software
nginx/1.23.3 /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/jpeg
pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx/1.23.3
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=984628893&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAACAEK~&jid=763343930&gjid=1173815460&cid=1927003879.1684072322&tid=UA-8147095-6&_gid=1230874791.1684072322&_r=1&_slc=1&gtm=45He35a0n81PNXLXRS&cd4=0&cd12=1684072321415.8jwy63po&cd22=firstpage&cd23=indexpage&cd43=0&z=311729017
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684072321528&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:01 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
Tz0m4-_sgso56cScsj2PMkaMEE3ftz2od8_K6RUOUsT7kHj3_m691A==
x-cache
Miss from cloudfront
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je35a0&_p=984628893&_gaz=1&cid=1927003879.1684072322&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&sid=1684072321&sct=1&seg=0&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&en=page_view&_fv=1&_ss=2&ep.user_session_id=1684072321414.5a4fq2g&ep.content_channel=firstpage&ep.content_page_format=indexpage&ep.adblock_tracker=false&upn.user_login=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M0RYDTKBFK&cid=1927003879.1684072322&gtm=45je35a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M0RYDTKBFK&cid=1927003879.1684072322&gtm=45je35a0&aip=1&z=2117162054
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-8147095-6&cid=1927003879.1684072322&jid=763343930&gjid=1173815460&_gid=1230874791.1684072322&_u=YEBAAEAAQAAAACAEK~&z=2003682367
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 14 May 2023 13:52:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-8147095-6&cid=1927003879.1684072322&jid=763343930&_u=YEBAAEAAQAAAACAEK~&z=2026066580
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-8147095-6&cid=1927003879.1684072322&jid=763343930&_u=YEBAAEAAQAAAACAEK~&z=2026066580
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc.js
avd.innity.net/lib/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.215.19.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-19-214.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Sun, 14 May 2023 13:52:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 06:40:46 GMT
Server
nginx/1.20.1
ETag
"61725cee-5149-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=361018
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6412
Expires
Thu, 18 May 2023 18:08:59 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.215.19.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-19-214.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Sun, 14 May 2023 13:52:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.20.1
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=500200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2870
Expires
Sat, 20 May 2023 08:48:41 GMT
/
avd.innity.com/dc/cb/ 		59 B
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
f7bf48f1b5f98defd5b08bb1d4dbe9545d125b1d3ba46d784a2db43caaba435f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 13:52:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 May 2023 13:52:02 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ 		402 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:15:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
2211
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127184
x-xss-protection
0
server
cafe
etag
3263738860219486170
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 13 May 2024 13:15:10 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1aa4e18158673b2d3ba35d5852dceae2d04e25f5f2e4e00961cbf40b79524386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
878
x-xss-protection
0
expires
Sun, 14 May 2023 13:52:01 GMT
dc-script-v2.min.js
sal.isanook.com/dc/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.165 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-165.static.asianet.co.th
Software
nginx /
Resource Hash
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Sun, 14 May 2023 13:52:03 GMT
Last-Modified
Mon, 16 Nov 2020 11:46:30 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25278
Expires
Tue, 13 Jun 2023 13:52:03 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=139
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Sun, 14 May 2023 13:52:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		2 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=23211565542
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 14 May 2023 13:52:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28
cdb
bidder.criteo.com/ 		2 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=44661421510
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 14 May 2023 13:52:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=661
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Sun, 14 May 2023 13:52:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		2 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=26601568591
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28
213794966
fundingchoicesmessages.google.com/i/ 		131 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/213794966?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d72e7f8f4515a77774b80d777d50dde6d46b7ba313521b24aeffbc373f09847
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-uj7HamFhKWKoR4gF7rCl6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-uj7HamFhKWKoR4gF7rCl6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
hub.js
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame E864 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Nov 2016 04:14:33 GMT
server
Lego Server
etag
"582e8029-1e6a"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
14330572303810096371
accept-ranges
bytes
content-length
2483
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5FBA 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=58230
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 14 May 2023 13:52:01 GMT
expires
Mon, 15 May 2023 06:02:31 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3243 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=58230
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 14 May 2023 13:52:01 GMT
expires
Mon, 15 May 2023 06:02:31 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AGSKWxX57FwyLovztzPVPL3-eW8bWMpfqb9Sa4z3WgXrh7CodzST8P-9rVzZ1CeiTkXclHMZ3MTN4qUn9UiwI29aR6E=
fundingchoicesmessages.google.com/f/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX57FwyLovztzPVPL3-eW8bWMpfqb9Sa4z3WgXrh7CodzST8P-9rVzZ1CeiTkXclHMZ3MTN4qUn9UiwI29aR6E=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0MDcyMzIxLDk5MTAwMDAwMF0sIkI0OEE1N0ZCLUE1NzktNEY2Qi05MDQwLTlDREFBQzM3RkZGMiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vIixudWxsLFtbOCwidlB0Y0JGRmJmUkEiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.vPtcBFFbfRA.es5.O/d=1/rs=AJlcJMzRYUhmOBqJxIffD-hs8t-nJHyljw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
559b1655dd2217813e55b8356d4e89d999fb61f4a6aa26aa6a45c147877f1e36
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PoDd7G0ZsI0vJr7FzCvCAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-PoDd7G0ZsI0vJr7FzCvCAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3265520568402377&correlator=2717868022202600&eid=31072020%2C31073864&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&adks=345054422&didk=2096832710&sfv=1-0-40&prev_scp=category%3Dall&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684072322016&lmt=1684072322&dlt=1684072320075&idt=1762&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=1927003879.1684072322&ga_sid=1684072322&ga_hid=984628893&ga_fc=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d02ebd9eb1208457fcdd2d6a13d63eab2327b5e019bbbee3fd1b1299abfcd192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10462
x-xss-protection
0
google-lineitem-id
5582840632
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373742424
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 98CF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 13:52:02 GMT
expires
Mon, 13 May 2024 13:52:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		563 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3265520568402377&correlator=2773408053957962&eid=31072020%2C31073864&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2CSkyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=130x445&ifi=2&adks=908668280&didk=1874942343&sfv=1-0-40&prev_scp=category%3Dall&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684072322029&lmt=1684072322&dlt=1684072320075&idt=1762&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=132&ohw=130&ga_vid=1927003879.1684072322&ga_sid=1684072322&ga_hid=984628893&ga_fc=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab85b212cc731304bc60a1da2621df8d562709f9c20d0e2e7152dd029d2a0817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxVQWxk-ryz1cTpmyRII5IW2uG1D7BDW9jmq4dJ1tsKFYlFgdWE-rxDoPWxJ6sPoBLCMFN5OZ6vqtkt2_xGtA-dN8NG6b643bIdTgO4nBLBCJ21HIiP05XpA_ZVHGIw8pRMlaocmfQ==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVQWxk-ryz1cTpmyRII5IW2uG1D7BDW9jmq4dJ1tsKFYlFgdWE-rxDoPWxJ6sPoBLCMFN5OZ6vqtkt2_xGtA-dN8NG6b643bIdTgO4nBLBCJ21HIiP05XpA_ZVHGIw8pRMlaocmfQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0MDcyMzIyLDcxMDAwMDAwXSwiQjQ4QTU3RkItQTU3OS00RjZCLTkwNDAtOUNEQUFDMzdGRkYyIixudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS8iLG51bGwsW1s4LCJ2UHRjQkZGYmZSQSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.vPtcBFFbfRA.es5.O/d=1/rs=AJlcJMzRYUhmOBqJxIffD-hs8t-nJHyljw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e7cee02f137ecb7687634dcd4c4ba4ab740242b635dd8e46c6d32e462679ca2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-392bsRCBxsH0lPPvGcLyKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-392bsRCBxsH0lPPvGcLyKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5FBA 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49776864&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e38d761834243bf2cc6fe6785b8b08e3f48db6a79c3fc46296f0d3a1753683b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 14 May 2023 13:52:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
securepubads.g.doubleclick.net/pcs/ Frame 849B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstguJS3PW-39HdSJQaaZPi7yImYlKR_ngkwgGY0zf7ZZ-_RDt2azN_sa2DgT0ichiI2r2dOBUu8MulMp-0oJPCptRm9WqFE5c_-9xcmsc2PNDHwdJjLfpzFQBovzC8ZIz3OxBgTGF1sstes61YYqyuk_kRHvg4vRbpRJ1mjYWGhtHW1td0XxZsGY6yeyOqlSGCFBNHhtBjwzwbXUeEwTYhV7JC87acvMblxMQYNAB7bZZLwqoaKeHUpu8tAKU0oiNZ8pbWPudiiUzk-0hEF-GKfhzKH5kts-JzJyLOqphw3_SEbYGygo6Bk_WkLOJmOmiwiKzY9JZCfTlIfmlCDArmS4Lm_exT-CFY_4Y0j7A&sai=AMfl-YQnZsawBm2tVIlQgxE1KAk-Y4NMTU0oF9GxyeYzVuY8uKuwlW0HKUAO2Xs-D_L8jIJ4xjGqGSfF9F3HaD6y4ZqYW1m_URCEWk8W2-M9sTLhsjUf8Pm3MSt2aePrRg&sig=Cg0ArKJSzFhnSUYdLAiAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 849B 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
652e6b0c1e2415dcec99519e4c0ceb4390e443d84463547c3287c1aebc013f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25240
x-xss-protection
0
server
cafe
etag
738 / 19491 / 31074523 / config-hash: 12209807291441061903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 14 May 2023 13:52:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 849B 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 May 2023 13:52:02 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2064
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ebe16460-e782-4500-a0a6-1dc52db12729&gdpr=0&gdpr_consent=
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ebe16460-e782-4500-a0a6-1dc52db12729&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 14 May 2023 13:52:02 GMT
Expires
Sun, 14 May 2023 13:52:01 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master zrh-pixel-x3 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ebe16460-e782-4500-a0a6-1dc52db12729&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 6769
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336723200229105
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336723200229105
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 14 May 2023 13:52:02 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336723200229105
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame AD11
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 13:52:01 GMT
expires
Sun, 14 May 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1204746
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame F6BE
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7195103447793568274
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7195103447793568274
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7195103447793568274
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame FDC1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4551528029839449851&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4551528029839449851&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
7a63fbbf-72bf-48f5-b649-ad0107e16e79
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 14 May 2023 13:52:02 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4551528029839449851&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.10.199; 80.255.10.199; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1C9A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 14 May 2023 13:52:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
N6AGR27AK72FGDHHBGCQ

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 14 May 2023 13:52:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
F722SMQ9W9D9PME8CRF3
Pug
image2.pubmatic.com/AdServer/ Frame 7175
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-RkDcKoaDXLiHgYh9hsYcawaDXHiTwwk90g3C_dz
42 B
566 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-RkDcKoaDXLiHgYh9hsYcawaDXHiTwwk90g3C_dz
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 14 May 2023 13:52:02 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-RkDcKoaDXLiHgYh9hsYcawaDXHiTwwk90g3C_dz
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 27AD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7233035547097102484&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7233035547097102484&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sun, 14 May 2023 13:52:02 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7233035547097102484&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
image2.pubmatic.com/AdServer/ Frame 3943
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHY1QwN0l3YzhBQUNEMG93YzJOUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGcT07Iwc8AACD0owc2NQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1954334274752897082&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGcT07Iwc8AACD0owc2NQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1954334274752897082%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1954334274752897082&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGcT07...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGcT07Iwc8AACD0owc2NQ&gdpr=0&gdpr_consent=
42 B
198 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGcT07Iwc8AACD0owc2NQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 14 May 2023 13:52:02 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGcT07Iwc8AACD0owc2NQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4CC7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZGDnggAJ_HswGQAn&gdpr=1&gdpr_consent=&_test=ZGDnggAJ_HswGQAn
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZGDnggAJ_HswGQAn&gdpr=1&gdpr_consent=&_test=ZGDnggAJ_HswGQAn
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 14 May 2023 13:52:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 14 May 2023 13:52:03 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZGDnggAJ_HswGQAn&gdpr=1&gdpr_consent=&_test=ZGDnggAJ_HswGQAn
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-gig2250025-GIG
x-timer
S1684072323.084468,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5FBA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=L2mYpY5KRb68e5c_f64E0Q%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=58229
accept-ranges
bytes
content-length
5554
expires
Mon, 15 May 2023 06:02:31 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 5FBA 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.105.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-105-75.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.1.20
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 5FBA
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1497351764
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
via
1.1 google
last-modified
Sun, 14 May 2023 13:52:02 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1
date
Sun, 14 May 2023 13:52:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 5FBA
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YjZmU3E3eWdQeGtRYi1IbC15RUUxMzRGUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=635146453989379027&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
3.215.146.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-146-42.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Sun, 14 May 2023 13:52:02 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 14 May 2023 13:52:02 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 5FBA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkY2OTk4QTUtOEU0QS00NUJFLUJDN0ItOTczRjdGQUUwNEQx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5FBA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKr9RxTP49JSxGQlzTMDb9k&google_cver=1
42 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKr9RxTP49JSxGQlzTMDb9k&google_cver=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKr9RxTP49JSxGQlzTMDb9k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 5FBA 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 13 May 2023 13:52:02 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5FBA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=635146453989379027
42 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=635146453989379027
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=635146453989379027
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 5FBA 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame 5FBA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-das34jtE2uXfVEEIFSsKosrwcgHMqTk-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-das34jtE2uXfVEEIFSsKosrwcgHMqTk-~A&gdpr=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-das34jtE2uXfVEEIFSsKosrwcgHMqTk-~A&gdpr=0
date
Sun, 14 May 2023 13:52:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5FBA 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1?gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:ffc9:867:3ede:5e54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 5FBA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=8ea390d7-5e0f-448f-80ea-cfc3a71c1f86&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=8ea390d7-5e0f-448f-80ea-cfc3a71c1f86&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=b632df4a-991d-40ea-b8f8-7c1eb6668028&ssp=pubmatic&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8ea390d7-5e0f-448f-80ea-cfc3a71c1f86&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8ea390d7-5e0f-448f-80ea-cfc3a71c1f86&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 14 May 2023 13:52:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8ea390d7-5e0f-448f-80ea-cfc3a71c1f86&gdpr=0&gdpr_consent=&gdpr_pd=
date
Sun, 14 May 2023 13:52:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 5FBA 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5FBA 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sun, 14 May 2023 13:52:01 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
bid-request
a.teads.tv/hb/ 		16 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 14 May 2023 13:52:02 GMT
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=952
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Sun, 14 May 2023 13:51:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=219
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Sun, 14 May 2023 13:52:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 14 May 2023 13:52:02 GMT
hb
rtb-eu.andbeyond.media/ 		22 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 13:52:02 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
22
fastlane.json
fastlane.rubiconproject.com/a/api/ 		370 B
921 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&alt_size_ids=570&rf=https%3A%2F%2Fwww.sanook.com%2F&kw=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2C%E0%B8%AB%E0%B8%A7%E0%B8%A2%2C%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%2C%E0%B8%9F%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%2CJoox%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%2C%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B8%A7%E0%B8%B2%E0%B9%84%E0%B8%A3%E0%B8%95%E0%B8%B5%E0%B9%89%2C%E0%B8%81%E0%B8%B5%E0%B8%AC%E0%B8%B2%2C%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%2C%E0%B8%A5%E0%B8%B0%E0%B8%84%E0%B8%A3%2C%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%A7%E0%B8%B4%E0%B8%94%E0%B8%B5%E0%B9%82%E0%B8%AD%2C%E0%B8%AA%E0%B8%B8%E0%B8%82%E0%B8%A0%E0%B8%B2%E0%B8%9E%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%9A%E0%B8%B1%E0%B8%99%E0%B9%80%E0%B8%97%E0%B8%B4%E0%B8%87%2Csanook%2C%E0%B8%A7%E0%B8%B4%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%B2%E0%B8%B0%E0%B8%AB%E0%B9%8C%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B9%80%E0%B8%81%E0%B8%A1%2C%E0%B8%94%E0%B8%B9%E0%B8%97%E0%B8%B5%E0%B8%A7%E0%B8%B5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C&tg_i.page=https%3A%2F%2Fwww.sanook.com%2F&tg_i.domain=sanook.com&tg_i.pbadslot=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&tk_flint=pbjs_lite_v7.25.0&x_source.tid=325cfcec-0ad7-45bf-a511-2e662f3ebd45&l_pb_bid_id=201de0470f7a81a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&slots=1&rand=0.7298408738521853
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3820f7eb79bb9a166b5ad1cda0f12ee32284dec09723a4bea04a2dd320c912a0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
370
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3466750af397dd37459ef329277cdbc104d53003a9714c75627e6c33a3cb131d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 13:52:02 GMT
AN-X-Request-Uuid
ef7e99e2-601e-487b-8781-d25f6754f751
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.199; 80.255.10.199; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
tencentth-d.openx.net/w/1.0/ 		73 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=325cfcec-0ad7-45bf-a511-2e662f3ebd45&nocache=1684072322301&aus=300x250%2C257x240%2C300x125&divids=rgpt-reca-4&aucs=%252F4899711%252Fwww.sanook%252Fdesktop%252Fall%252Findexpage%252Freca&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
098621df3b498d9b70c2eb4e4ffbf76791177e5617b1620aca006f3e8d92187b

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=575406
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9f181deb949e1ffcea7b2a8d47f0bf673c7ac0615a7e8dabe5d8518926dff20

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fkbz%2Fx%2BKCDeVyET1sPVWGwwbY888td5hxwM5lFJB80FTIIvQkl2Fv957q%2BzYE%2BHrLXip2%2Bg4v71%2Fdl3Pyvcil3fNvwvteC7dRfMvFRdI%2BOZNnSGTBoC%2Bjwq2QlLRQOisCAbX%2F%2Bo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c739e8e998f377b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=566
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Sun, 14 May 2023 13:52:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ Frame 849B 		402 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 20:10:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
63696
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127184
x-xss-protection
0
server
cafe
etag
3263738860219486170
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 12 May 2024 20:10:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 849B 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1aa4e18158673b2d3ba35d5852dceae2d04e25f5f2e4e00961cbf40b79524386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
878
x-xss-protection
0
expires
Sun, 14 May 2023 13:52:02 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		341 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3265520568402377&correlator=4160490989780385&eid=31072020%2C31073864%2C676982996&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1%7C1150x90%7C1090x250&ifi=3&adks=3448326100&didk=498303881&sfv=1-0-40&prev_scp=category%3Dall&eri=1&sc=1&cookie=ID%3Dd648c922cbe348da%3AT%3D1684072322%3AS%3DALNI_MbMUjMgW6FQDQSdOU8ttr-nRMjQog&gpic=UID%3D00000c176e6de962%3AT%3D1684072322%3ART%3D1684072322%3AS%3DALNI_MYcrO5dxSC-5RJrB8BJxy6rpTG6HA&abxe=1&dt=1684072322365&lmt=1684072322&dlt=1684072320075&idt=1762&adxs=225&adys=-90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2F&frm=20&vis=1&psz=1150x-1&msz=1150x-1&fws=4&ohw=1150&psts=ABHeCvgUwSyQlG7H8IEycFBlnY9ifI6-K7BBx1TffSXvLtpqhRmUMnLANh-Thw0erEhbH63dAaTCQPptmmyJUZ3xisFCQ3gDH-Kj1EHpOFJdOSh2eWgDJkU3HWU%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1927003879.1684072322&ga_sid=1684072322&ga_hid=984628893&ga_fc=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
330f0b8b01fa3345ce5b2e138e7c662da14763863a70c2ebfbba20a665b193f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		104 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3265520568402377&correlator=1747380988171192&eid=31072020%2C31073864%2C676982996&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C468x60&ifi=4&adks=3667654068&didk=3402878631&sfv=1-0-40&prev_scp=category%3Dall&eri=1&sc=1&cookie=ID%3Dd648c922cbe348da%3AT%3D1684072322%3AS%3DALNI_MbMUjMgW6FQDQSdOU8ttr-nRMjQog&gpic=UID%3D00000c176e6de962%3AT%3D1684072322%3ART%3D1684072322%3AS%3DALNI_MYcrO5dxSC-5RJrB8BJxy6rpTG6HA&abxe=1&dt=1684072322405&lmt=1684072322&dlt=1684072320075&idt=1762&adxs=0&adys=1811&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&psts=ABHeCvgUwSyQlG7H8IEycFBlnY9ifI6-K7BBx1TffSXvLtpqhRmUMnLANh-Thw0erEhbH63dAaTCQPptmmyJUZ3xisFCQ3gDH-Kj1EHpOFJdOSh2eWgDJkU3HWU%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1927003879.1684072322&ga_sid=1684072322&ga_hid=984628893&ga_fc=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
473ba7671b2f5046b0e427d109218f3ad81f6f5e3d1b82329813428a503b49b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35315
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
u.openx.net/w/1.0/ Frame DFC1 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 14 May 2023 13:52:02 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame 849B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8aw96mJ1mTzfhOUkoa71gnljR83y3RgCSaPhTzzaOzA3GUG0Rvdz0JnATzNkfImBnQzVNodk2HlDncJP2LFZjeJxSVSP4Jmu-cfW1STVp13z8qJGhC2RP5_0TP_yBThPm9-kguHZ5ahLzM_GMMcgklWPuYB9G-yAA1wQm_VGD1TaogUz3dsySFGNkCyjzknG3o6lpTIVSwfxq29UnmlBjX806xZN8-hsh7nPC8i2ABDKoXn8zwaaD1imJ4SM1q8z3wzYrfwXb3hUgnSGFWji8vy0iAWmUNN4hLmt8_NET89AhpPnNggi7VX4T1SBTjbN3W8NslIfM5IMWkpvIz_1H6-eKjfs-J6MThG3ROVrT&sai=AMfl-YTpQsxg1y5gTTFI0owakFA1iwmg2WJy8PEBQGoK15msGeTEgCkCSK653eyO2HdBrt_pjRXftI0bggkMIQrIudk-3SIvU3kkEyt3CvjI5STeFnXBKQE3UG4R90cGmQ&sig=Cg0ArKJSzI2cxv1mkAvDEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 14 May 2023 13:52:02 GMT
/
avd.innity.com/dc/ 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/dc/?cl=225&cuid=2cf233f30b9cccdf39fbf2609291aac9&cb=1684072322468&douid=&sess=230914140.225.1684072322467&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2F&srf=&pk=&pt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 13:52:03 GMT
Last-Modified
Sun, 14 May 2023 13:52:03 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/ 		43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=2cf233f30b9cccdf39fbf2609291aac9&type=cookie&itmcb=1684072322468
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 13:52:02 GMT
Last-Modified
Sun, 14 May 2023 13:52:02 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 849B 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 849B 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 849B 		956 KB
94 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2000627669369485&correlator=4070624912916068&eid=31072019%2C31074303%2C31074523%2C31074538&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21927187246%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=178697795&sfv=1-0-40&sc=1&cookie=ID%3Dd648c922cbe348da%3AT%3D1684072322%3AS%3DALNI_MbMUjMgW6FQDQSdOU8ttr-nRMjQog&gpic=UID%3D00000c176e6de962%3AT%3D1684072322%3ART%3D1684072322%3AS%3DALNI_MYcrO5dxSC-5RJrB8BJxy6rpTG6HA&abxe=1&dt=1684072322488&lmt=1684072322&dlt=1684072322107&idt=315&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=qgjuq7edc9da&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2F&ref=https%3A%2F%2Fwww.sanook.com%2F&top=https%3A%2F%2Fwww.sanook.com%2F&frm=23&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=1927003879.1684072322&ga_sid=1684072322&ga_hid=1499615690&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dc1dc5f6b73ea4226f750387704e46cb7c8b0a54f03b0e22ac51777a9428a01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96474
x-xss-protection
0
google-lineitem-id
5849485604
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373690262
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 849B 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28870c95b20237aa1f6fcfae58c897b6de8c34a879da05ee5eb9d634655d3abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11409
x-xss-protection
0
container.html
e2c8d9bc0e74cc2f08f71b7a455426b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 807B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e2c8d9bc0e74cc2f08f71b7a455426b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 13:52:02 GMT
expires
Mon, 13 May 2024 13:52:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3265520568402377&correlator=1609581152378416&eid=31072020%2C31073864%2C676982996&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C257x240%7C300x125&ifi=5&adks=4033539290&didk=4218483591&sfv=1-0-40&prev_scp=category%3Dall&eri=1&sc=1&cookie=ID%3Dd648c922cbe348da%3AT%3D1684072322%3AS%3DALNI_MbMUjMgW6FQDQSdOU8ttr-nRMjQog&gpic=UID%3D00000c176e6de962%3AT%3D1684072322%3ART%3D1684072322%3AS%3DALNI_MYcrO5dxSC-5RJrB8BJxy6rpTG6HA&abxe=1&dt=1684072322509&lmt=1684072322&dlt=1684072320075&idt=1762&adxs=1033&adys=986&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=ABHeCvgUwSyQlG7H8IEycFBlnY9ifI6-K7BBx1TffSXvLtpqhRmUMnLANh-Thw0erEhbH63dAaTCQPptmmyJUZ3xisFCQ3gDH-Kj1EHpOFJdOSh2eWgDJkU3HWU%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1927003879.1684072322&ga_sid=1684072322&ga_hid=984628893&ga_fc=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bc5b8f4463864dd39b86eff2c2f1bab1fda0c91d9d64f08e26489bcc1f9e368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11877
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame C50E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 May 2023 13:52:02 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 4253 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1124
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7c739e8ffe8c9c12-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 14 May 2023 13:52:02 GMT
expires
Sun, 14 May 2023 17:52:02 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C8BC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 14 May 2023 13:52:02 GMT
ETag
"623de86a-cf34"
Expires
Mon, 15 May 2023 13:52:04 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 849B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 May 2023 13:52:02 GMT
async_usersync
ib.adnxs.com/ Frame C8BC 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 13:52:02 GMT
AN-X-Request-Uuid
1b788c61-33b3-456a-9fbe-a005d272a9c5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.199; 80.255.10.199; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3F5A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
16ecf21c6c16be45b7764f67f50c86526a29c5ae1384af9bf7edfee4cfd6cf98

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1602
Content-Type
text/html
Date
Sun, 14 May 2023 13:52:02 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Sun, 14 May 2023 13:52:02 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.js
eus.rubiconproject.com/ Frame C50E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
25645b415081078126cb366c6856f5fb61beb1fd5ab24cfe9046fe6611acdf06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Sun, 14 May 2023 13:52:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 May 2023 07:12:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62445
Connection
keep-alive
Content-Length
10019
Expires
Mon, 15 May 2023 07:12:47 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM2OTcvdGFnbGluZS10ZW1wbGF0ZS11cGRhdGUtYXByaWwuanBn.jpg
s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM2OTcvdGFnbGluZS10ZW1wbGF0ZS11cGRhdGUtYXByaWwuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
d56fe8018757bf86b1d59d34e645ecf5f8e728878de4fb45368a1cffe0e8273d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:51:16 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
16069
server
Lego Server
age
0
etag
W/"PSA-aj-n1WuzVN0rp"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591981
x-nws-log-uuid
1501477883666627695
accept-ranges
bytes
content-length
13118
expires
Tue, 13 Jun 2023 13:50:58 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM2NDkvdGFnbGluZS10ZW1wbGF0ZS11cGRhdGUtYXByaWwuanBn.jpg
s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM2NDkvdGFnbGluZS10ZW1wbGF0ZS11cGRhdGUtYXByaWwuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a00239aead0915c259a42cd13df46b0a9f1f99a7dfa99f2f82ab5a4643d3c11d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 11:32:54 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
17238
server
Lego Server
age
0
etag
W/"PSA-aj-UEh-SQJ0ou"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591949
x-nws-log-uuid
9151163247920897834
accept-ranges
bytes
content-length
15176
expires
Tue, 13 Jun 2023 11:32:04 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM1NzMvdGFnbGluZS10ZW1wbGF0ZS11cGRhdGUtYXByaWwuanBn.jpg
s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM1NzMvdGFnbGluZS10ZW1wbGF0ZS11cGRhdGUtYXByaWwuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
8d9fb88fdeab238f8bf08528f2bafa66d86c1c52f68a22eb875a45dbb6d61cd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 09:35:31 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5022722725309327791
accept-ranges
bytes
content-length
19379
expires
Tue, 13 Jun 2023 09:35:31 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM1NjkvdGFnbGluZS10ZW1wbGF0ZS11cGRhdGUtYXByaWwuanBn.jpg
s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM1NjkvdGFnbGluZS10ZW1wbGF0ZS11cGRhdGUtYXByaWwuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
192314ba33c3a22a6c7f89e485a012ef563e16dcf6b2821f332826eec947b78e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 09:26:18 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
16396
server
Lego Server
age
0
etag
W/"PSA-aj-O4wVHAzEzh"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591948
x-nws-log-uuid
16529151611210763699
accept-ranges
bytes
content-length
13762
expires
Tue, 13 Jun 2023 09:25:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BF5C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMfD0q_aZ_sFtQBVdsaeTh8nlIDAXlvhv65fKxMzDaiLX8_uIjKgXH1BwNl2VmWUZs5hUC35ZcqBZ0LAsshmzpWP4LPj3v8rNIbNOdnH-GoaKJCm9_Ay3VBWOnmol81A9ysyv9v3h2HiJsbAmDmOFJIs0IAMiX9WQTi3CTCRjiCoOm2cAnMP2chYa5Me35M4JaZW74Eqy4Xj5Wmn3FpNouKgV2yffXH9U10itU92OH0MS9Vna44swvYPnZxeAa9527tFDKK1X2fjs7TbkZBhaCu3U4nrHBce5AOFXWsTnaelms7XPRPfmLLW5WTTTWi7oUmtQUueRdpQ&sai=AMfl-YQ-YTPF_TN3t51o3-C2i8jeBQOjmhS3gEwy4q2d3d02NW-9jvaiXRZvtvBcGjkdX1mtWHzGWVhj_mSdEoBdfZbryyIMUFkuz-j3aQpWx3worTju0xGgb6YY56RuP5g&sig=Cg0ArKJSzGhXn8WH2C1oEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame BF5C 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 07:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 13 May 2024 07:40:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BF5C 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js?cb=31074523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 May 2023 13:52:02 GMT
dcm
s.amazon-adsystem.com/ Frame 3F5A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGDngheklNpeOZ1CXrFjugAADUYAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 13:52:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
APKV5KAWXFRESSNGNSVD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3F5A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 3F5A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGDngheklNpeOZ1CXrFjugAADUYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECYSnWcxRwCaJPf_WyU3cwo&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECYSnWcxRwCaJPf_WyU3cwo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 13:52:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECYSnWcxRwCaJPf_WyU3cwo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3F5A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZGDngheklNpeOZ1CXrFjugAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOGvKiYL9w76lT6XCxyeHPA&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOGvKiYL9w76lT6XCxyeHPA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 13:52:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOGvKiYL9w76lT6XCxyeHPA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3F5A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3341713350281898955
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3341713350281898955
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 13:52:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3341713350281898955
pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum.casalemedia.com/ Frame 3F5A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4551528029839449851
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4551528029839449851
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 13:52:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 14 May 2023 13:52:02 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.199; 80.255.10.199; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
00fe50f0-8532-4b3d-be0b-3212c0886bfc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4551528029839449851
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 3F5A 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:65fe:ad5d:6046:af21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
ix
ad4m.at/ad/sim/ Frame 3F5A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
htw-pixel.gif
cdn.indexww.com/ht/ Frame 3F5A 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZGDngheklNpeOZ1CXrFjugAA%263398
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
66544
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c739e917f022c55-FRA
content-length
43
expires
Mon, 15 May 2023 13:52:02 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM0NzMvcGFnZTIuanBn.jpg
s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM0NzMvcGFnZTIuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a0271f98803c9fe01228d180c20c34afbcc7c30ef2792f10a8f7eda524a82dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 06:08:24 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
16262
server
Lego Server
age
0
etag
W/"PSA-aj-rpwKsHuYoE"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591903
x-nws-log-uuid
5226135988792473585
accept-ranges
bytes
content-length
13780
expires
Tue, 13 Jun 2023 06:06:48 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM0MzcvcGFnZS5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM0MzcvcGFnZS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
7f4a1690bfdb65f69700202985165cc01913b37845c8df400a45166187ce5ce1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 04:29:34 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
15016
server
Lego Server
age
0
etag
W/"PSA-aj-39-7dwgq9v"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591812
x-nws-log-uuid
18003267376054667839
accept-ranges
bytes
content-length
12667
expires
Tue, 13 Jun 2023 04:26:27 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzMyMzcvMTUuanBn.jpg
s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzMyMzcvMTUuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0a07be96c86e6357e4f958da91231c469affcea6570b9bb91a3dc3ea99dbf244

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 02:17:36 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
14113
server
Lego Server
age
0
etag
W/"PSA-aj-BnGNBr__t0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2589415
x-nws-log-uuid
12261898220105003735
accept-ranges
bytes
content-length
12101
expires
Tue, 13 Jun 2023 01:34:32 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzI4NDkvbnAwMS5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w268h151/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzI4NDkvbnAwMS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a0801fff07962b46f2d5576e081876c5dbc4a955f339803faaa694c09d62c1ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 07:31:56 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
13060
server
Lego Server
age
0
etag
W/"PSA-aj-qegCd3amr9"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2573910
x-nws-log-uuid
11272471761793317235
accept-ranges
bytes
content-length
10943
expires
Tue, 13 Jun 2023 02:30:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0F2D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1825
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 13:21:37 GMT
expires
Mon, 13 May 2024 13:21:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 58F4 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5c717cef5a9dcd54d2277d6d61eb1c95a307847650e097ea9f752f7d87c42896
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fiNPY6x4GwzV56VmTB41Sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-fiNPY6x4GwzV56VmTB41Sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 13:52:02 GMT
expires
Sun, 14 May 2023 13:52:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 21FE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 13:52:02 GMT
expires
Mon, 13 May 2024 13:52:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame BF5C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTLkLAOY3VtdX-LKU-bzrMQ8iwqevKHnsNJz80S13oBirzgR3vyBm5M8P66Woq1M3uj1a7hfLClh3e1Jml0tmHdfMUfxe8ZnZz4n8kSqZc6GcUJKlr-vXFbOLEW9LmXm5xH0OGwy7yJdqEl2fyc6EmSObTJf2F90zZ0Gbus6EcyA6tSoxdVEdgtz_3BIUaNEsbHariP1UgnsdJckNQNhZ1PZBdQVbtKmwnXeL_pVdvLwjmqpFFcVwSe9TeDwQnuB9suEi2-HBifmFFuaM1m78eSX-07U0CyutlLMc5FmjRbV1YbQimaq6E8HY_4DbmMEe4UDUS5h-PmCkS&sai=AMfl-YRS-PZODlayYrTcRXPSi9k13tOBzFqiNbIy0xMvVMK46P2xg9Erb-TL9JzIHFsoQNzef6WKSpIWuH54VwqtHTkdvsY84h7X_DMLO7e3efvKA36NMUmFDcKRscmBPC4&sig=Cg0ArKJSzDikq_rV07AcEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 14 May 2023 13:52:02 GMT
css
fonts.googleapis.com/ Frame 21FE 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
URL: https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 May 2023 12:34:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 May 2023 13:52:02 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 21FE 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
URL: https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
5075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 12:27:27 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 21FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CX4_ggudgZIzDG8_cxwLz3bygAb2Npq9vn8yvrL8O6p_coNQBEAEgr9HbH2CV2oiCmAegAbC6odcDyAEJqQK4Sb-1M2eyPuACAKgDAcgDywSqBIQCT9ApEj8xYNw7zmKQvw6VhMPmLKCbFLGD-11NtGCoH3mCYymoAjSqv6juf48jng_ckmI4BtiQ_h1O65ccwST_8B2yAqFvXM3Q0qohmkf3ZmYq8HWU2YQUoWlImoeGomYcdtcm9mr9yRPAWDKftJnpdmfDG7U6yLg9uWkWkrfcUPQvZyNJjgI8WJHX91Xl47nEHFmsRSSVM-4Z_sRdGh-PgBBov8WveCtCjIOw3dMkoBxR0YalX5XHusVnQAXmtz_X3O6oHP9wBDq1yKtima_tJFOSU22xWdVGI4XyVLW36BHSOtLr5J6fUFc6AX4jPl1d9CQS25c3WswBY6yl0jsMsMPeStbABKmcqargA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfF960-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEKi0BdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqACgPICwHYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItMzM1NDM2MDkxOTY3Njc0ORj3gRA&sigh=QVg7rtY2p2A&uach_m=[UACH]&cid=CAQSPABygQiDCWUe-InGcaxnQsq5qiFmZVe7oTvpfziTlGc9je71_50pZPW4OkcToRHGsbJNJOfUI1eaVom23hgB&template_id=494
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 21FE 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js
Requested by
Host: 978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
URL: https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
5075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 12:27:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 21FE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: 978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
URL: https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:15:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
2210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 13:15:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 21FE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
URL: https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
5464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 May 2023 12:20:58 GMT
l
www.google.com/ads/measurement/ Frame 21FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNfiZMmYD84g2Ew3_2KzRRUGrbuLsZDgMvDKeuwd9To-01U64cgEyec2UnDmsNn5hRl6Sl
Requested by
Host: 978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
URL: https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 21FE 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
URL: https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 May 2023 13:52:02 GMT
9d5f24412120a376f470376f2f2984aa.js
www.gstatic.com/mysidia/ Frame 21FE 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
URL: https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 14:34:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
429441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13623
x-xss-protection
0
last-modified
Tue, 09 May 2023 14:00:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 07 Aug 2023 14:34:41 GMT
truncated
/ Frame 21FE 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
624907996767536446
tpc.googlesyndication.com/simgad/ Frame 21FE
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
  • https://tpc.googlesyndication.com/simgad/624907996767536446
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/624907996767536446
Requested by
Host: 978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
URL: https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 19:41:57 GMT
x-content-type-options
nosniff
age
65405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8502
x-xss-protection
0
last-modified
Tue, 09 Apr 2019 09:00:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 12 May 2024 19:41:57 GMT

Redirect headers

date
Sun, 14 May 2023 09:29:48 GMT
x-content-type-options
nosniff
server
cafe
age
15734
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/624907996767536446
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Jun 2023 09:29:48 GMT
pixel
cm.g.doubleclick.net/ Frame C50E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhOSDZHQ1UtMjEtSU5YSA==&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAQgcQmGETL-Uszd5WGNabg&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhOSDZHQ1UtMjEtSU5YSA==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhOSDZHQ1UtMjEtSU5YSA==&google_push=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhOSDZHQ1UtMjEtSU5YSA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame C50E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/i6tX2nPBro-VEQNB7dzqCcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ObLar2BE2oL8e5Qj_Rlm86rDTxk6afi6BaiV2Q--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ObLar2BE2oL8e5Qj_Rlm86rDTxk6afi6BaiV2Q--~A
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 14 May 2023 13:52:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ObLar2BE2oL8e5Qj_Rlm86rDTxk6afi6BaiV2Q--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame C50E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9iTicMgjRlad297ZJvGx3A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9iTicMgjRlad297ZJvGx3A
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9iTicMgjRlad297ZJvGx3A
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 13:52:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D1VR0N6A5Y0CF122HHYE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9iTicMgjRlad297ZJvGx3A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304262219000/ Frame 66B2 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
499297
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"ccf36922213b3ec5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 66B2 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
499297
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"4fd619331b8f64df"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 66B2 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
499297
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"6451d33588c99856"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 66B2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
499297
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"83933b769a9f5701"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 66B2 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
499297
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12938
x-xss-protection
0
server
sffe
etag
"3f9bab308b30f46e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
truncated
/ Frame 66B2 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3c0675fdd328c5f49f6b946691a6b8d5fea493dc8c4c8de24eba784fe21df7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
2593632313319242282
tpc.googlesyndication.com/simgad/ Frame 66B2 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2593632313319242282?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkHivx1qwvn_s2R30X4E82IxXnTTg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8adab9a33a643e7d2c4878a55edd61bd5aaff6e1d856c8d0174f756008bcdd31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 12:37:46 GMT
x-content-type-options
nosniff
age
263656
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36297
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 07:04:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 10 May 2024 12:37:46 GMT
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 66B2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 20:52:54 GMT
x-content-type-options
nosniff
server
cafe
age
61148
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3306
x-xss-protection
0
expires
Sun, 14 May 2023 20:52:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 66B2 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
1012
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 15 May 2023 13:35:10 GMT
l
www.google.com/ads/measurement/ Frame 66B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwaW4ZgT3CKso7i1fXicAti0tOyGuOxqtlJskMz8gW6xZNciu7X_GhopFA1BhdBDyKNXV3
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 66B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CyA5vgudgZOanIsuN1gbCupgYy__Sg3DPnerNoxGez-atiQIQASCv0dsfYJWqn4KwB6ABxLvfvwLIAQKpArhJv7UzZ7I-4AIAqAMByAMIqgSIAk_QUC02EQy_X3P4r2ZO_J8aDo01kqtK-mzRQBrl0e_9dZopW7YvdDmJYLanTlYBGXzqZfU09y-QIFnq0_VD9t6ukWLpFM1vBeykv6A_8Up85_u-d1c15CF-fCCVzObglIiqAAR9DJzNGRDln20wj2XqZDi7pvvvWDOQUhGR6t39d4GF6Buy3tRoVh96CGsfAQ7cVR_XjXU4ucfanIzi7OK--XvsfAcLm9LGV2iOydQs19zOVLgzm5N9TwT3Jn1DZSyCFKroCTkaq715e-i_J0adMcKTGSF987t16cDiU0_bwbfCAGh-uOG1-CgLq2FwZHprdVj60nJCvyCLyyCAvQtcXF9ZZiHiPsAEj6iC36EE4AQBoAYCgAekxKDAAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOT9DdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItMzM1NDM2MDkxOTY3Njc0ORj3gRA&sigh=a-lNwdveCM0&uach_m=[UACH]&cid=CAQSPABygQiDNwPHWm9fQdOatcanPU-TvydAKf90MvRkwHtBspGYIrRn7FMIteQbzbPTT4s0uJzrFF9Nc9IgyhgB
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rubicon
match.adsrvr.org/track/cmf/ Frame C50E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C50E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzlkMDkxY2Q5N2Y5NDgzYjkyYjIzNzAxZDFkNDVmZTI4YmQwYWQzNA&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzlkMDkxY2Q5N2Y5NDgzYjkyYjIzNzAxZDFkNDVmZTI4YmQwYWQzNA&us_privacy=1---
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzlkMDkxY2Q5N2Y5NDgzYjkyYjIzNzAxZDFkNDVmZTI4YmQwYWQzNA&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C50E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PYWBKdurQfqNo8D1B29ERA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=PYWBKdurQfqNo8D1B29ERA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=PYWBKdurQfqNo8D1B29ERA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 13:52:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WMCAHXQY1THZYAGB04MP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=PYWBKdurQfqNo8D1B29ERA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C50E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ2Ac4Cx37uS421aiFfFeeU&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ2Ac4Cx37uS421aiFfFeeU&google_cver=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ2Ac4Cx37uS421aiFfFeeU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame C50E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHNH6GCU-21-INXH&us_privacy=1---
0
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHNH6GCU-21-INXH&us_privacy=1---
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:03 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 63646B327D854A189C0CDB8DEC0B45EF Ref B: FRAEDGE1306 Ref C: 2023-05-14T13:52:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX7p6SYcBRN7VSHBUY8/w==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHNH6GCU-21-INXH&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sodar
pagead2.googlesyndication.com/pagead/ Frame 58F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305090101&jk=2000627669369485&rc=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
pagead2.googlesyndication.com/bg/ Frame 0F2D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
5464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14771
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 May 2024 12:20:58 GMT
truncated
/ Frame 21FE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be72bf82f18f784a8ab0d09064bed07463618deb95b5d82fcf35e65e8730eae5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 21FE 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 18:58:23 GMT
x-content-type-options
nosniff
age
68020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 18:58:23 GMT
oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
pagead2.googlesyndication.com/bg/ Frame AC9E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
5465
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14771
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 May 2024 12:20:58 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 66B2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Sun, 14 May 2023 13:52:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
2593632313319242282
tpc.googlesyndication.com/simgad/ Frame 66B2 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2593632313319242282?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkHivx1qwvn_s2R30X4E82IxXnTTg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8adab9a33a643e7d2c4878a55edd61bd5aaff6e1d856c8d0174f756008bcdd31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 12:37:46 GMT
x-content-type-options
nosniff
age
263657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36297
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 07:04:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 10 May 2024 12:37:46 GMT
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 66B2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 20:52:54 GMT
x-content-type-options
nosniff
server
cafe
age
61149
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3306
x-xss-protection
0
expires
Sun, 14 May 2023 20:52:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 66B2 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
1013
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 15 May 2023 13:35:10 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.95149155369773
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-H6B7mjCw8QNUgxrBjgLSkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-H6B7mjCw8QNUgxrBjgLSkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=8.821412617166557
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-4n4gXYpjUesYGd-R69Md6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-4n4gXYpjUesYGd-R69Md6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 0F2D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XdEfAg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
AGSKWxW0qEsvmahrZAcywiZCrhXepOdEe-MOuKVilOkdzMC2wpbirVP03l-pJo7FTkgxKsz-BpHOq9e-UXLBEDX48gkW-_9B9NRvpHvFNHnwkioQRUD0vpYlZ9G5Bc7pFSUvYDS_v8_0qQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0qEsvmahrZAcywiZCrhXepOdEe-MOuKVilOkdzMC2wpbirVP03l-pJo7FTkgxKsz-BpHOq9e-UXLBEDX48gkW-_9B9NRvpHvFNHnwkioQRUD0vpYlZ9G5Bc7pFSUvYDS_v8_0qQ==
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-udIyRY-7jS3EfHGb-aieZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 May 2023 13:52:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-udIyRY-7jS3EfHGb-aieZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 849B 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame BF5C 		0
0
jquery-3.2.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:03 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-15283"
vary
Accept-Encoding
x-hw
1684072323.dop217.fr8.t,1684072323.cds216.fr8.hn,1684072323.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
maxmind.php
prebid.andbeyond.media/ 		189 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.andbeyond.media/maxmind.php
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.87.248 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-87-248.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0166a929552b279f7abc3553f8d47c13b788b6f45ad171e38b1ae08ba3c42d55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 14 May 2023 13:52:04 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Content-Length
189
Content-Type
text/html; charset=UTF-8
apstag.js
c.amazon-adsystem.com/aax2/ 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:41:22 GMT
content-encoding
gzip
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront), 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:07 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1, FRA56-P3
age
642
x-amz-server-side-encryption
AES256
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
oM9JLZNu_GgZIR-Yns0rHC5EmessZR5WWm_aXzK99z6QZ7sGGVlYuA==
config
c.amazon-adsystem.com/cdn/prod/ 		469 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sanook.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 10:01:30 GMT
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
13832
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
469
x-amz-cf-id
ICloVUXKrAkVYMhzmyuVsbpwJEQJD0Uukf1yjU_ocljVnhh8WO1LXA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
date
Sun, 14 May 2023 05:26:39 GMT
x-amz-cf-pop
FRA56-P3
age
47449
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
TcX22VSKXjCbLabISyzL0UysjTTfHwpX-saH-SEbOrcoY9-WYBmzew==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.236.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-236-105.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 14 May 2023 13:52:03 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
8HGAAJ5SPG01V3HV
age
1361
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c739e95eeed9078-FRA
x-amz-id-2
f161amAWddzOEKqFyIw1z52Y5MNS/KtI81MQGyxgUMhTiDS4PahByU0RD15HxgWIBN24MAWKZrTTCx8w+NnXNA==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.236.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-236-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 14 May 2023 13:52:03 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:36:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx
age
933
etag
W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3703
async_usersync
ib.adnxs.com/ Frame C8BC 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 May 2023 13:52:04 GMT
AN-X-Request-Uuid
ffc81f6e-2f9b-4c89-9890-3e7840bbcbba
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.199; 80.255.10.199; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sanook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 14 May 2023 13:52:04 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
310433
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
343591
expires
0
prebid
id5-sync.com/api/config/ 		135 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Sun, 14 May 2023 13:52:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		43 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.51.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-51-215.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.26.65
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ 		63 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
99d40011659780baf645011cb90c43221b705b543b9da88009f082341b658b70

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 May 2023 13:52:04 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 13 Jun 2023 13:52:04 GMT
wl
t.pubmatic.com/ 		17 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:05 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:05 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 5FBA 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:05 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:05 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:05 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 66B2 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu93qmIbtJzlz3ZG_SOAjrgEivIYTi3CHGhbhMLcgcPGuGbFJmMgICIjU0dARo-L97hVBnO6rXtST5DV-NFVEJL8dhEY14GwJB29d1ux_15BzbdDc-8d0IjX18lPf_Dcw3JK6xLHXj005UUfCfvJx14hdM9OfShKSWFam4O8msBQRgcveBum60fyhhEcDoPQxy67mj8bpLunbTob4Bcu1mXUXwys8UlQKX2Q6W9UW4Z1FD1ck5t8m5eA8BMdNWnr258RIzZRcMuFGya_7PGrkEhn67_LuAOWJrNhT4xav32KULnVR48TM2H3vgfjF82dkNo-sCApSlt6oEDvcQ-1FrUDX5HPbLQEeX_riBmnCXVRMCq7BiWgOH-O5W2T15l5S4FLVFo2Gkt-0S7kwA2b--fBoruGQK8USJxeY3a8MWJQbaPDncr2bDvg1TA3tS9YbLXXT_-jlGYYjG34PdnCcrmZmaUTQ69UA0iQjxO4axGHhd_CEzl1A79UxH_LlZ2Au1rOynwxtKrMfnGwIypjo9c4ZaQemMCOK8WrAg8c6NZhAx1J-iCtUORwFsiF3JLtD8r7jbEMhuyLpgxkuDhOtMC88lGwZu2IYanc3ep963k_YPJPBvdpaN862F5x1_G82MPE0IwtZVvkgRVVD5FqcqAO4fA1a6k7VEkZwGBNVQnoZoIcAhgTfVpL0-WHTA0KKpabBSnq3OpCY6Rh38PRCxQAjV37V42vzDl9Kti13Ph7xfbk4GTR7tJrYSPRGku_NlUf7Bxveiy_Wt5-uJeN-omhPWnd-4Eq_dIhg9AyxyuWF7j97TisYL29czTJ8nZ0jy9BVeJk1jgfsZMd016uEiVA1CP-6QonCSy5UPo71jmF32RC6W_oO-lSsTd09wGm17K8z8jhrQHvCPWncR5hbRSlVLGwaPqfeqVR-f7lBujbjF9F2lpkOw3wwhPXYUtjlDkx_oUJP-dIOQhNFYAO_WY7scIfXEkxWbwwcG_0rxVUX3C27aAXzwAgW3TbmnmHNhi_SI8ibp11BNCYxdWmWg_JLsEWiyrkJadeAmS3D3PIZHK-jumrQMd9SYhVyBKri7GKojgFgjY9K4IDw&sai=AMfl-YRyRngCVVxNakcGavwPbP_DhFc1P3CwoNDNU882l4rMN365oKwhIp0m6XS-E9flipi8L7zk-gJNK4SRsBwBntXoXHheFtUZExBj2SNBC9jNEYXTRK0QAgNMwisXCtjtBjD3197gDBKHHQ&sig=Cg0ArKJSzKW6mYReLGNPEAE&cid=CAQSPABygQiDNwPHWm9fQdOatcanPU-TvydAKf90MvRkwHtBspGYIrRn7FMIteQbzbPTT4s0uJzrFF9Nc9IgyhgB&id=ampim&o=1033,861&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1427&mtos=0,0,1427,1427,1427&tos=0,0,1427,0,0&tfs=374&tls=1801&g=100&h=100&tt=1801&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
sal.isanook.com/sa/ 		35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=849535445&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QAAAAAABC~&cid=284197396.1684072325&tid=SA-8147095-6&cd4=0&cd8=b&z=1271862265
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.165 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-165.static.asianet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 14 May 2023 13:52:04 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:01 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
708b2a7ac9ef7d34271a231dbc962c0c7db9e897cf1a6328e066facf3d468a6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Sun, 14 May 2023 13:52:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
9a7e5ba60478e8b217b4c2ba427443a6566409a790953434a33cb1c77031d4e4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Sun, 14 May 2023 13:52:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
nr-1071.min.js
js-agent.newrelic.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Sun, 14 May 2023 13:52:05 GMT
strict-transport-security
max-age=300
x-amz-request-id
Y05GJGM766DD414J
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
9086
x-amz-id-2
iEo4/Q30Kmk1RuEzvTgVe0701pQUi5N9e5aqkIZVmCAtApLxnX3GZ5gMUYe0TUloH8kaYbEPnC8=
x-served-by
cache-gig2250067-GIG
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1684072326.515326,VS0,VE0
etag
"a1a545c95f313a230157b47dca555c25"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305090101&st=env
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f845b9769b0269494a35ba847135283027157318caac8593fa49d249fd90f617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11334
x-xss-protection
0
984.json
id5-sync.com/g/v2/ 		241 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
cdd1cbe7be892ec19e00672bf28e3b5bbe3c23143a104e3fdedc6399ca6e54c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Sun, 14 May 2023 13:52:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
617.json
id5-sync.com/g/v2/ 		241 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/617.json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
256fa8474244fa5febefbd25bd8179ca0f778ffd3c4b303dfafd80a65402d2e4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Sun, 14 May 2023 13:52:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 May 2023 13:52:05 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3243 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10749881&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
aee078d2db3d2f8601a31db68c14c5d374debab80ed52bc94bd4dfa3d605cb08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 14 May 2023 13:52:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A0A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1828
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 13:21:37 GMT
expires
Mon, 13 May 2024 13:21:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4E2B 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
63f493e415c3790ad68a1bb7e2ee860a20c254cc2f045675f9b58821d61f559c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QUjGN_jG-PrZymTftYck1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sanook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-QUjGN_jG-PrZymTftYck1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 May 2023 13:52:05 GMT
expires
Sun, 14 May 2023 13:52:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sideads.
fundingchoicesmessages.google.com/f/AGSKWxWPdaPRPQk7QPw4GTiLgStotKF8vnm_rYTq_pLLc1mVDSFC0IScyKn7uKCyJSn18T9Hm5bxFkNj7BuQ6nXcYWx6aA-4Q1vwFzxSuzdDtMO0Efx_EkyhgjfM_n-5Rnp-d9peypuvtjzSMuMym9kNsJ6a1kPFU... 		54 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWPdaPRPQk7QPw4GTiLgStotKF8vnm_rYTq_pLLc1mVDSFC0IScyKn7uKCyJSn18T9Hm5bxFkNj7BuQ6nXcYWx6aA-4Q1vwFzxSuzdDtMO0Efx_EkyhgjfM_n-5Rnp-d9peypuvtjzSMuMym9kNsJ6a1kPFU1GCyV7UnXPaCbHs3JbYuJEueY643Lp4/_/exit_popup/partner_ads_/468x280./momsads./sideads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.vPtcBFFbfRA.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzRYUhmOBqJxIffD-hs8t-nJHyljw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4face233d06286293f5f6dc1d6473f8be67f35d45c4d29560c7cba0cb3e5e69
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IKtEV52DdQgSQdOYwR5D5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IKtEV52DdQgSQdOYwR5D5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.vPtcBFFbfRA.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzRYUhmOBqJxIffD-hs8t-nJHyljw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3719e33cd745e11292495508fe2b7528b65e0c891139d474048f5ffaf2e94e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:10:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
2497
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29782
x-xss-protection
0
server
cafe
etag
10665759206076846777
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 14 May 2023 14:10:28 GMT
AGSKWxW0qEsvmahrZAcywiZCrhXepOdEe-MOuKVilOkdzMC2wpbirVP03l-pJo7FTkgxKsz-BpHOq9e-UXLBEDX48gkW-_9B9NRvpHvFNHnwkioQRUD0vpYlZ9G5Bc7pFSUvYDS_v8_0qQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0qEsvmahrZAcywiZCrhXepOdEe-MOuKVilOkdzMC2wpbirVP03l-pJo7FTkgxKsz-BpHOq9e-UXLBEDX48gkW-_9B9NRvpHvFNHnwkioQRUD0vpYlZ9G5Bc7pFSUvYDS_v8_0qQ==
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P1EmzquafZZ9Bc4g7COQjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 May 2023 13:52:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-P1EmzquafZZ9Bc4g7COQjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame DEF1 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 14 May 2023 13:52:05 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 30CC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HdRmrrutWZ5sztA1d4BNLlD_Csc&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HdRmrrutWZ5sztA1d4BNLlD_Csc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sun, 14 May 2023 13:52:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HdRmrrutWZ5sztA1d4BNLlD_Csc&gdpr=0&gdpr_consent=
bridge
cm.adgrx.com/ Frame 6110 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sun, 14 May 2023 13:52:05 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-10
cm
ipac.ctnsnet.com/int/ Frame 0A6D 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 14 May 2023 13:52:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame D360
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 14 May 2023 13:52:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 14 May 2023 13:52:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame 8559
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7c739ea31be037f1-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7c739ea03fbe37f1-FRA
content-type
text/html
date
Sun, 14 May 2023 13:52:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
126
cookiesync
core.iprom.net/ Frame 079B 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 14 May 2023 13:52:05 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-3c4b67be67f6@version_1.551
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame DF11
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&gdpr=0&gdpr_consent=
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 14 May 2023 13:52:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 9D5F
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=58c22e6ebd7d8b17/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVSjXXnUnhQTQShbT&gdpr=0&gdpr_consent=
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVSjXXnUnhQTQShbT&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVSjXXnUnhQTQShbT&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 7DC3
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=dpr108v17znp
42 B
309 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=dpr108v17znp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Sun, 14 May 2023 13:52:05 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=dpr108v17znp
lws
35
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame F3C4
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1684072325178
  • https://ad.turn.com/r/cs?pid=45&rndcb=7289596952
  • https://sync.1rx.io/usersync/turn/3341713350281898955?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-a34f3279-45dd-464c-b825-f3016de0e65f-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a34f3279-45dd-464c-b825-f3016de0e65f-003
42 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a34f3279-45dd-464c-b825-f3016de0e65f-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Sun, 14 May 2023 13:52:05 GMT
etag
RXa34f327945dd464cb825f3016de0e65f003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a34f3279-45dd-464c-b825-f3016de0e65f-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pub
matching.truffle.bid/sync/ Frame A7E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 14 May 2023 13:52:05 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame CC13
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:122A398EB59E41789AAE032E0A7F286A&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:122A398EB59E41789AAE032E0A7F286A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 14 May 2023 13:52:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sun, 14 May 2023 13:52:05 GMT
expires
Sat, 13 May 2023 13:52:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:122A398EB59E41789AAE032E0A7F286A&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 3243 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:05 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7c739ea05fc26909-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 3243
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:14 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 May 2023 13:52:13 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3243
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 14 May 2023 13:52:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3243
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4551528029839449851
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4551528029839449851
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 14 May 2023 13:52:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.199; 80.255.10.199; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bb1733d4-35f1-40eb-a29d-10bc603955bf
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4551528029839449851
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3243
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3341713350281898955&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3341713350281898955&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 14 May 2023 13:52:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3341713350281898955&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 14 May 2023 13:52:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 3243
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9bf02d42-fbaa-40eb-96a0-196677d028ea&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9bf02d42-fbaa-40eb-96a0-196677d028ea&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 14 May 2023 13:52:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9bf02d42-fbaa-40eb-96a0-196677d028ea&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 14 May 2023 13:52:05 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
pagead2.googlesyndication.com/bg/ Frame 6A0A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 12:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
5467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14771
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 May 2024 12:20:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4E2B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305090101&jk=3265520568402377&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
AGSKWxW0qEsvmahrZAcywiZCrhXepOdEe-MOuKVilOkdzMC2wpbirVP03l-pJo7FTkgxKsz-BpHOq9e-UXLBEDX48gkW-_9B9NRvpHvFNHnwkioQRUD0vpYlZ9G5Bc7pFSUvYDS_v8_0qQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0qEsvmahrZAcywiZCrhXepOdEe-MOuKVilOkdzMC2wpbirVP03l-pJo7FTkgxKsz-BpHOq9e-UXLBEDX48gkW-_9B9NRvpHvFNHnwkioQRUD0vpYlZ9G5Bc7pFSUvYDS_v8_0qQ==
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X47qHwrkqyXsiDxCW-WpsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 May 2023 13:52:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-X47qHwrkqyXsiDxCW-WpsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW0qEsvmahrZAcywiZCrhXepOdEe-MOuKVilOkdzMC2wpbirVP03l-pJo7FTkgxKsz-BpHOq9e-UXLBEDX48gkW-_9B9NRvpHvFNHnwkioQRUD0vpYlZ9G5Bc7pFSUvYDS_v8_0qQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0qEsvmahrZAcywiZCrhXepOdEe-MOuKVilOkdzMC2wpbirVP03l-pJo7FTkgxKsz-BpHOq9e-UXLBEDX48gkW-_9B9NRvpHvFNHnwkioQRUD0vpYlZ9G5Bc7pFSUvYDS_v8_0qQ==
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bmbGxUAHyiAynzuYonwZTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 May 2023 13:52:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-bmbGxUAHyiAynzuYonwZTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW0qEsvmahrZAcywiZCrhXepOdEe-MOuKVilOkdzMC2wpbirVP03l-pJo7FTkgxKsz-BpHOq9e-UXLBEDX48gkW-_9B9NRvpHvFNHnwkioQRUD0vpYlZ9G5Bc7pFSUvYDS_v8_0qQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0qEsvmahrZAcywiZCrhXepOdEe-MOuKVilOkdzMC2wpbirVP03l-pJo7FTkgxKsz-BpHOq9e-UXLBEDX48gkW-_9B9NRvpHvFNHnwkioQRUD0vpYlZ9G5Bc7pFSUvYDS_v8_0qQ==
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pGVBpWhxI7opcWHVXKRa2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 May 2023 13:52:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pGVBpWhxI7opcWHVXKRa2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUMK2oLQeYZRN6zh1x__o9pr7hV-HHT9I_-NeF83gtCqmrmjoESQvoixb4Lam4c65rjypymEJ5of1GemeMYDqqbsWMmRN1jLw8hNVTO5VaMZdRVXIjTBRPvEtyc87wTQ0Pe8bIigQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUMK2oLQeYZRN6zh1x__o9pr7hV-HHT9I_-NeF83gtCqmrmjoESQvoixb4Lam4c65rjypymEJ5of1GemeMYDqqbsWMmRN1jLw8hNVTO5VaMZdRVXIjTBRPvEtyc87wTQ0Pe8bIigQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0MDcyMzI1LDE2MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vIixudWxsLFtbOCwidlB0Y0JGRmJmUkEiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.vPtcBFFbfRA.es5.O/d=1/rs=AJlcJMzRYUhmOBqJxIffD-hs8t-nJHyljw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
526bdda8acc3c0699dcec8b92c619ed7075edd9ad68328691f24664d8d2aea90
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oaAq3vbJJIEozLlmPsGNaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-oaAq3vbJJIEozLlmPsGNaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXpcWGVLLL_CqfJgjBKx3XeGshjvF7LiUnCU87qFLkg7fmjS3jaqQQ6dHQrAVS8GQpEdYdT4Ozqp8xet6AjGYNKthfqoNKbB6uItK-6jH6zQXZMYd1uOiyrDCqFDjl0GQAjL0Ri3g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXpcWGVLLL_CqfJgjBKx3XeGshjvF7LiUnCU87qFLkg7fmjS3jaqQQ6dHQrAVS8GQpEdYdT4Ozqp8xet6AjGYNKthfqoNKbB6uItK-6jH6zQXZMYd1uOiyrDCqFDjl0GQAjL0Ri3g==
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NxhjlbayNgzmyk3YIVCoEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 May 2023 13:52:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NxhjlbayNgzmyk3YIVCoEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.sanook.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 6A0A 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fsip7A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
8f062114d3
bam.nr-data.net/1/ 		57 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=8613&ref=https://www.sanook.com/&be=3088&fe=7958&dc=4300&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1684072317012,%22n%22:0,%22f%22:2201,%22dn%22:2201,%22dne%22:2202,%22c%22:2202,%22s%22:2396,%22ce%22:2843,%22rq%22:2843,%22rp%22:3060,%22rpe%22:3254,%22dl%22:3063,%22di%22:4056,%22ds%22:4300,%22de%22:4302,%22dc%22:7958,%22l%22:7958,%22le%22:7961%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230039-FRA
date
Sun, 14 May 2023 13:52:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
57
content-type
text/javascript;charset=iso-8859-1
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305090101&jk=3265520568402377&bg=!ICOlI3fNAAYldGN0BXQ7ADkAdvg8WqyAQmx0Hi5AjAjQ0DZm-zNYmhZ_suTLzvQe4-Do2xsZZcSM8JGGpHFpaTQ_4KdXZYmYo4ICAAAAblIAAAADaAEHCgC1wv2hqb4TjO-20EbX0rRh-0WEvt46azTcsZ671ZbXdFoGday2UZRxbsMQabjDKOq2boFaheg5s4Sm4vOloWFM25ExOnOP_FvtxK0iR4hsSdrfFwPmtBcvxObY4PONifPehkunGMYVMVx5WrkkXnbSAowSe_4AN7O8CSfWuZqWRKV9BE9nun-mEEa4skR16kXvDDrrpVePlXrRWlIvoskpUOJzaRijb-rt7TBTCZ32jLiDOKQCn5kCpnDptqHAbuDWF2Lvy6B2Y9lc9wk4rSgOY-CxZkx4wKVKXEWzSUs4IAwTf4ibXJcCHBSNTy3auBaMZ5cKs0ig8Cmcy--E3N36w4KU1zSrwTs44PNKWpmWRKMEgtgZ4392Qkyneha8r4COP7JN56cts6bKBb-9p-6CNOvQmm8AGYHZ5zhFmKiGwfW43M30GdIvPiXTwsycL0lAwLgUyikumV6kmYfeSIjqbyepplyDgpuyq9G52Kk1gprX0uNqzGzaWqey2Ht2MhpLSgATSttbKi51qR3wZDDyXcyASwyS22--SofDPi3PyCMh63s1tZfq211gtryo_F_dIMQcuoiLHfWDskiPRt8tKM8l9YcVXolIX74_IJ93cBl7vDEdccoguFQDPLdT9BEWdn4IAjvNsbdulow7btqd82gPhq2xkyyl0lh9NvYCR_zJXzZsKZXSCr2VF9tSCYI7efpHpms5Gmcv2qLZq_SC5haEW41QjSRhdHVZMq0nl1xmQpXm8iklZU_HZH9hurvaimxAmg7NmD6cZbi0IPkYAdEdAqUMDvFFpNfW7P0hfQzjaed55FTrQPThdncLV1G4At_ovhuk-t3tY8WDXBQhVcSHUvBYc_nXq5AKgU07TFv3S13ordVGo3ngiM4ka03ohaZzocnyQOuevPDhiPurI3EFvDn5LpC0tCXac-3M5-LzD710Ns3E4Jd_5WPlfLpf3Atd0zWT8U8dfS2myaX5IZl5Ah_Lk9emnK7yTiv5AZBVPmXwTwUyoCajlDogntsGFlIzpf83a-2jpjujrr8Oft8tULqeXOTtzVmVOL-UJ16xLvVgfcM5frBlt93vr_KDis5C1PCIXQH6nQxJ569LQPuu7YNHYPjmrUOSMUa_9h-RNbjAbphthSYZ0Md5TA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame 3243 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:52:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM2MzMvZHVzaXQuanBn.jpg
s.isanook.com/fi/0/rp/rc/w555h333/yatxacm1w0/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w555h333/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzc0LzE4NzM2MzMvZHVzaXQuanBn.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9a9b6f4ab621b7fd1198a85be8882269781756321ce5642db647c67855c791b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:36:13 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
56918
server
Lego Server
age
0
etag
W/"PSA-aj-pGsr-hc6Ed"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591807
x-nws-log-uuid
2892638997989657795
accept-ranges
bytes
content-length
47102
expires
Tue, 13 Jun 2023 13:33:01 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=984628893&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=fp-eventpromote-redirect&ea=click&el=fp-eventpromote-redirect&_u=aEDAAEABQAAAACAEK~&jid=&gjid=&cid=1927003879.1684072322&tid=UA-8147095-6&_gid=1230874791.1684072322&gtm=45He35a0n81PNXLXRS&cd4=0&cd12=1684072331304.dii7snoe&cd43=0&cd44=2&z=1097315376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 May 2023 04:14:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34675
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
c
sal.isanook.com/sa/ 		35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=849535445&t=event&_s=2&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=fp-eventpromote-redirect&ea=click&el=fp-eventpromote-redirect&_u=SEAAAAABC~&cid=284197396.1684072325&tid=SA-8147095-6&cd4=0&cd8=b&z=1438114417
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.94.165 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-165.static.asianet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 14 May 2023 13:52:11 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:01 GMT
d
dc.sanook.com/sanookStat/userActBinary/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutC9cEIdiOPlXBMmyFuRhg9SCfhNKCiNO7anMjAv9VyaCw3IMGcEEPmzhIxcLKs-gnbRj22SE_k2BAGL3m_M9Jt9ZvIwYEsrTUdxM5YMpLKF4sUtW1&sig=Cg0ArKJSzD0Gaw5vJghyEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=345054422&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1684072322107&rpt=338&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUgzpWRoKn7XM7HBCfq80g4K4jw6big0y1uaYJVROopgqb3EYmYcfq7cbGAlH33VaBASKpNpqkiNuouR0iMTGIkkCuz84TiO3NCvwOu3gmvnE8xpAl&sig=Cg0ArKJSzIuuOsVzbQG5EAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=178697795&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1684072322697&rpt=194&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
dc.sanook.com
URL
https://dc.sanook.com/sanookStat/userActBinary/d?v=1&_v=j41&a=849535445&t=event&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=fp-eventpromote-redirect&ea=click&el=fp-eventpromote-redirect&cd4=0&cd22=firstpage&cd23=indexpage&_gid=1230874791.1684072322&_u=CAAAAEABC~&cid=1927003879.1684072322&tid=DC-8147095-6&z=1317580769

Verdicts & Comments Add Verdict or Comment

542 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 boolean| credentialless object| objGTMInitialValue object| smiData object| adsCookieRegex boolean| GTMFirstLoad object| dataLayer function| getPage object| THwhitelist boolean| THFirstLoad string| page string| SanookAnalyticsObject function| snSAL object| m function| fbq function| _fbq object| NREUM object| newrelic function| __nr_require object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_135 object| Criteo object| Criteo_135 object| google_tag_manager object| google_tag_data object| ad boolean| adblockTracker string| GoogleAnalyticsObject function| ga object| GooglebQhCsO object| _izq object| webpackChunk_N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E function| __NEXT_PRELOADREADY object| PWT object| googletag object| __consolidated_events_handlers__ object| __BUILD_MANIFEST object| __SSG_MANIFEST object| container undefined| _izAlt object| izConfig function| _izooto object| google_optimize object| _comscore object| innityDataLayer object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc number| __thflag undefined| stat_frm string| truehitsurl object| tga number| VisitorT number| onSeconds string| p_cookie function| truehits_set_no_cookie function| truehits_set_accept_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp string| __th_page string| udf string| arg string| _narg string| rf string| truehitsurl_top object| th_img object| th_link object| gaplugins object| gaGlobal object| gaData function| _UA-8147095-6_sendHitTask object| msgData object| COMSCORE object| ns_p function| onYouTubeIframeAPIReady object| innitytagmgr boolean| bG57b51f2f1c51b15b6d1e8553 object| _innityq object| _innity_wtl object| _innityoq object| V object| _iampt number| dz object| ggeac object| google_js_reporting_queue boolean| bG5f47736a47e7049801000002 string| DataCollectionObject function| datCol undefined| google_measure_js_timing object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| MzI0YWQ4Nzc3YWIyYWE3NmxvYWRlcl9qcw== string| MzI0YWQ4Nzc3YWIyYWE3NmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady number| google_unique_id object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| residual number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network function| getQueryString_val_new object| myElementrtbtracker string| sitemainurlandbyeond undefined| andbeyondhttp function| getQueryString_val object| andbeyonddebug object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult number| newunitcallback number| netacuitycpde number| width number| height object| block_url number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size30016status number| size30017status number| size30018status number| size30019status number| size30020status number| size30021status number| size30022status number| size30023status number| size30024status number| size30025status number| size30026status number| size30027status number| size30028status number| size30029status number| size30030status number| size30031status number| size30032status number| size30033status number| size30034status number| size30035status number| size30036status number| size30037status number| size30038status number| size30039status number| size30040status number| size30041status number| size30042status number| size30043status number| size30044status number| size30045status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size6006status number| size6007status number| size6008status number| size60010status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size7286status number| size7287status number| size7288status number| size7289status number| size72810status number| size72811status number| size72812status number| size72813status number| size72814status number| size72815status number| size72816status number| size72817status number| size72818status number| size72819status number| size72820status number| size72821status number| size72822status number| size72823status number| size72824status number| size72825status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9706status number| size9707status number| size9708status number| size9709status number| size97010status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size9702506status number| size9702507status number| size9702508status number| size9702509status number| size97025010status number| size1201status number| size1202status number| size1203status number| size1204status number| size1205status number| size1206status number| size1601status number| size1602status number| size1603status number| size1604status number| size1605status number| size1606status number| size1607status number| size1608status number| size1609status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size3206status number| size3207status number| size3208status number| size3209status number| size32010status number| size32011status number| size32012status number| size32013status number| size32014status number| size32015status number| size32016status number| size32017status number| size32018status number| size32019status number| size32020status number| size32021status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size1006status number| size1007status number| size1008status number| size1009status number| size10010status number| size4681status number| size4682status number| size4683status number| size4684status object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| rtbpbjs object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| a9slots object| block_domain_creative string| pathurl12 number| geoindiablock object| and_geo_block function| checkeractivenew function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| andbeyonddisps function| addListenerMulti function| callbackand0 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video function| $ object| apstag function| jQuery boolean| apstagLOADED object| apscustom object| _aps string| timezonename object| adUnitand12 object| playersize number| pos string| native string| context number| count number| j object| adunit object| size string| code string| code1 number| flagsize object| temp1 object| bids object| bid object| temp number| flag string| adapt_temp object| params string| param1_name_video string| param2_name_video string| param3_name_video string| param4_name_video string| param1_value_video string| param2_value_video string| param3_value_video string| param4_value_video string| param1_name string| param1_value string| param2_name string| param2_value string| param3_name string| param3_value string| param4_name string| param4_value string| param5_name string| param5_value undefined| label object| adloox_pubint object| ignore function| setImmediate function| clearImmediate object| ID5 string| Oe string| Ce string| Ae string| Te string| Ee string| Le string| Ie string| Pe string| Ve string| Me string| Ne string| De string| Re string| He string| Be function| Fe function| $e object| qe function| ze function| Ge function| Xe function| We function| Ue function| Ke boolean| Ze function| Je function| Ye function| Qe function| tn function| en function| nn function| rn function| an function| on object| sn object| cn function| un object| saplugins object| saGlobal string| Ct string| At string| cd35 string| cd36 object| GoogleGcLKhOms number| __google_lidar_ function| __google_lidar_radf_ boolean| a55ad576-09ff-4aae-bb14-bcce5fbe55a2 number| current_time number| refreshval number| number5 object| google_image_requests number| success number| timeflag string| idnew2 number| knew number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| passivergptbillboard3 number| activergptbillboard3 number| time_refreshunitrgptbillboard3 number| nextnumberrgptbillboard3 number| newflag number| diff number| flagnewone number| passivergptreca4 number| activergptreca4 number| time_refreshunitrgptreca4 number| nextnumberrgptreca4 number| passivergptSkyscraper5 number| activergptSkyscraper5 number| time_refreshunitrgptSkyscraper5 number| nextnumberrgptSkyscraper5 number| passivergptleaderboard6 number| activergptleaderboard6 number| time_refreshunitrgptleaderboard6 number| nextnumberrgptleaderboard6 number| passivergptuniversalb2 number| activergptuniversalb2 number| time_refreshunitrgptuniversalb2 number| nextnumberrgptuniversalb2

120 Cookies

Domain/Path Name / Value
.sanook.com/ Name: _gcl_au
Value: 1.1.375541212.1684072320
.sanook.com/ Name: _fbp
Value: fb.1.1684072320433.1426097308
.sanook.com/ Name: sa_optout
Value: 2
.sanook.com/ Name: dc_optout
Value: 2
.sanook.com/ Name: ads_optout
Value: 2
.criteo.com/ Name: uid
Value: 2d846b44-5e50-45fe-8d09-7add79c69cb0
.doubleclick.net/ Name: IDE
Value: AHWqTUm76WYYfDgCh0oc49QFtVEP351o6MhdUCPlyttrffwkOLi9IPq042km4Fh7
www.sanook.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.izooto.com/ Name: IZCID
Value: 18bc5a42-aab4-4047-ad7c-ffee6ed07036
.sanook.com/ Name: _cbclose
Value: 1
.sanook.com/ Name: _cbclose45879
Value: 1
.sanook.com/ Name: _uid45879
Value: 727CD550.1
.sanook.com/ Name: _ctout45879
Value: 1
www.sanook.com/ Name: verify
Value: test
.sanook.com/ Name: _gid
Value: GA1.2.1230874791.1684072322
.sanook.com/ Name: _gat_UA-8147095-6
Value: 1
.sanook.com/ Name: _ga_M0RYDTKBFK
Value: GS1.1.1684072321.1.0.1684072321.60.0.0
.sanook.com/ Name: _ga
Value: GA1.1.1927003879.1684072322
.www.sanook.com/ Name: freq.5f73e63e47e7040e00000000
Value: 1
.sanook.com/ Name: cto_bundle
Value: 4ZtjxF9mJTJCcHVvYm5ITndTaW5seW9RUU5lZEJtZFZ6UGdVbjNTM1EzQ1k4bWgwJTJCSE02c3VjSjVXUyUyQkRRMiUyQk1neWJqcnclMkZjb3ptN3k0c3QyWWtXdTNrWFFEM2t6TnZ6ZWtiMkslMkJIcTZXVDZqUllreVQ4N3dKM1MzZXJwJTJGU0hHSldIeVQlMkYwNDA2ZHhEQVhqTzZjem80ZHVJaDhRJTNEJTNE
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1
.sanook.com/ Name: __gads
Value: ID=d648c922cbe348da:T=1684072322:S=ALNI_MbMUjMgW6FQDQSdOU8ttr-nRMjQog
.sanook.com/ Name: __gpi
Value: UID=00000c176e6de962:T=1684072322:RT=1684072322:S=ALNI_MYcrO5dxSC-5RJrB8BJxy6rpTG6HA
.quantserve.com/ Name: d
Value: EJYBCwH-KPijAA
.quantserve.com/ Name: mc
Value: 6460e782-33a96-1c781-b9d8e
.weborama.fr/ Name: AFFICHE_W
Value: gTSwlFeiUxeB27
.mathtag.com/ Name: uuid
Value: ebe16460-e782-4500-a0a6-1dc52db12729
.adfarm1.adition.com/ Name: UserID1
Value: 7233035547097102484
.adnxs.com/ Name: uuid2
Value: 4551528029839449851
.simpli.fi/ Name: suid
Value: 122A398EB59E41789AAE032E0A7F286A
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjYyMDAysjQ0MBXiM9R1Mcq2zHTXNXKpKAsFAIfKexclAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjYyMDAysjQ0MBXiM9R1Mcq2zHTXNXKpKAsFAIfKexclAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFiYG5kbGRkZGoEAA1gVMoQAAAA
.de17a.com/ Name: guid
Value: 1.7195103447793568274
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923--RkDcKoaDXLiHgYh9hsYcawaDXHiTwwk90g3C_dz&KRTB&19420--RkDcKoaDXLiHgYh9hsYcawaDXHiTwwk90g3C_dz&KRTB&22979--RkDcKoaDXLiHgYh9hsYcawaDXHiTwwk90g3C_dz&KRTB&23462--RkDcKoaDXLiHgYh9hsYcawaDXHiTwwk90g3C_dz
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEKr9RxTP49JSxGQlzTMDb9k&KRTB&22987-CAESEKr9RxTP49JSxGQlzTMDb9k&KRTB&23025-CAESEKr9RxTP49JSxGQlzTMDb9k&KRTB&23386-CAESEKr9RxTP49JSxGQlzTMDb9k
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5142336723200229105
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-7195103447793568274
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7233035547097102484&KRTB&23369-7233035547097102484
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:ebe16460-e782-4500-a0a6-1dc52db12729&KRTB&16736-uid:ebe16460-e782-4500-a0a6-1dc52db12729&KRTB&23019-uid:ebe16460-e782-4500-a0a6-1dc52db12729&KRTB&23114-uid:ebe16460-e782-4500-a0a6-1dc52db12729
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4551528029839449851&KRTB&23339-4551528029839449851
.adform.net/ Name: uid
Value: 635146453989379027
.bidr.io/ Name: bito
Value: AAGcT07Iwc8AACD0owc2NQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidswitch.net/ Name: tuuid
Value: 8ea390d7-5e0f-448f-80ea-cfc3a71c1f86
.bidswitch.net/ Name: c
Value: 1684072322
.bidswitch.net/ Name: tuuid_lu
Value: 1684072322
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-635146453989379027&KRTB&23263-635146453989379027&KRTB&23481-635146453989379027
.innity.com/ Name: iUUID
Value: 2cf233f30b9cccdf39fbf2609291aac9
.rubiconproject.com/ Name: khaos
Value: LHNH6GCU-21-INXH
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0a0xdXMQVaRuQFbWGgM44fR/rFJVNr6iLAwlOVW3UfWGbs9jOYjXnDtPRa9KYHFgupJFs8sPz6DDH4Wm0It/pKcJ5v0ZEgBYM=
.sanook.com/ Name: iUUID
Value: 2cf233f30b9cccdf39fbf2609291aac9
.sanook.com/ Name: innity.dmp.225.sess
Value: 1.1684072322467.1684072322467.1684072322467
.sanook.com/ Name: innity.dmp.225.sess.id
Value: 230914140.225.1684072322467
.sanook.com/ Name: innity.dmp.cks.innity
Value: 1
.adnxs.com/ Name: icu
Value: ChgIvrdKEAoYASABKAEwgs-DowY4AUABSAEQgs-DowYYAA..
.smartadserver.com/ Name: pid
Value: 1954334274752897082
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAGcT07Iwc8AACD0owc2NQ
.yahoo.com/ Name: A3
Value: d=AQABBILnYGQCEGXeGVpzTYpasN4fQEkWkZ0FEgEBAQE5YmRqZOAYyiMA_eMAAA&S=AQAAAsvBsmfO_5y5DlgKh5zhWDs
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2bn1
.amazon-adsystem.com/ Name: ad-id
Value: A69LFN3nckDyrQoxGC7ai4k
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.audrte.com/ Name: arcki2
Value: b6fSq7ygPxkQb-Hl-yEE134FQ!20220908!1684072322519!ip#80.255.10.199
.audrte.com/ Name: arcki2_pubmatic
Value: 2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1!20220908!1684072322527
.mfadsrvr.com/ Name: tuuid
Value: b632df4a-991d-40ea-b8f8-7c1eb6668028
.mfadsrvr.com/ Name: c
Value: 1684072322
.mfadsrvr.com/ Name: tuuid_lu
Value: 1684072322
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1684072322
.casalemedia.com/ Name: CMID
Value: ZGDngheklNpeOZ1CXrFjugAA
.casalemedia.com/ Name: CMPS
Value: 3398
.casalemedia.com/ Name: CMPRO
Value: 3398
.audrte.com/ Name: arcki2_ddp2
Value: b6fSq7ygPxkQb-Hl-yEE134FQ!20220908!1684072322672
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-8ea390d7-5e0f-448f-80ea-cfc3a71c1f86
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 709f027884222a00
.audrte.com/ Name: arcki2_adform
Value: 635146453989379027!20220908!1684072322833
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAGcT07Iwc8AACD0owc2NQ
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZGDnggAJ_HswGQAn
.turn.com/ Name: uid
Value: 3341713350281898955
.linkedin.com/ Name: bcookie
Value: "v=2&bd609e95-c79f-42ff-8fbd-97a72ddb4a27"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODQwNzIzMjM7MjswMjFpxtviiSZj4UE7ElBxL2fOHbdqjKlnRxW4ZEndmp4nRw==
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2907:u=1:x=1:i=1684072323:t=1684158723:v=2:sig=AQEj9aUwRANyqYMVMu6I6xYVfDHBma4R"
.doubleclick.net/ Name: DSID
Value: NO_DATA
avd.innity.com/ Name: geo
Value: EU%3BGermany%3BDE%3B%3B%3B
www.sanook.com/ Name: _lr_retry_request
Value: true
www.sanook.com/ Name: _lr_env_src_ats
Value: false
.sanook.com/ Name: _sa
Value: SA1.2.284197396.1684072325
www.sanook.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-05-14T13%3A52%3A04%22%7D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 155976:4
.pubmatic.com/ Name: DPSync3
Value: 1685232000%3A201_245_241_235_227_226_219_197
.pubmatic.com/ Name: SyncRTB3
Value: 1685232000%3A55_56_204_176_238_88_8_22_7_81_99_243_21_166_161_233_214_3_54_234_254_220_71_249_13_251_46_165%7C1689206400%3A69%7C1684627200%3A2_223_15%7C1685318400%3A35%7C1684886400%3A63%7C1686614400%3A203
.ctnsnet.com/ Name: cid_71b8aacb673a4f85915a06415aff6824
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3341713350281898955&KRTB&23150-3341713350281898955
ads.playground.xyz/ Name: connect.sid
Value: s%3AezRr5MkpOln-DO1eqQP30cQGhTtHRkU_.JRdqXAvjV38St7bmGivLD7b4NFRLqBNtPMB0q4SMFbQ
.zeotap.com/ Name: zc
Value: 65139e84-49f5-4ea2-6485-37ffad3c51e0
.csync.loopme.me/ Name: viewer_token
Value: 611774ec-6449-4226-a41e-38153bbfcfa9
.onaudience.com/ Name: cookie
Value: 58c22e6ebd7d8b17
.onaudience.com/ Name: done_redirects147
Value: 1
.sanook.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8KlQcB7Kr85eTWFBlw14e8eiTy0Hh7JsXpLasUOLqb-NWU4-h9AuQNmA86WQdVR7vknDUYY2HJo7LMVyTxUx7s2Y8EVEWlJ1lLiPpD1Ciiidd2knpoN3Fxa_RLlCrluMaajz_hMYhvf30T8tapKg-HYQesRw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.adsby.bidtheatre.com/ Name: __kuid
Value: 9bf02d42-fbaa-40eb-96a0-196677d028ea.453286325
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a34f3279-45dd-464c-b825-f3016de0e65f-003%22%2C%22nxtrdr%22%3Afalse%7D
.semasio.net/ Name: SEUNCY
Value: 252818EDF22DEDF2
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&KRTB&23413-2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&KRTB&23479-2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a34f3279-45dd-464c-b825-f3016de0e65f-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-a34f3279-45dd-464c-b825-f3016de0e65f-003&KRTB&17107-RX-a34f3279-45dd-464c-b825-f3016de0e65f-003
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-uroLIz3lVSjXXnUnhQTQShbT
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1dd466ae-bbad-599e-6cce-d03577804d2e.saLNx3Vz4Dz5WZQPZT%2FWUXBAmQfXtrc%2Bve6d3Gy3LyU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AHdRmrrutWZ5sztA1d4BNLlD_Csc.R9Sc5JkIHlnOQgYFVCdTsn19KpGLcHwg%2B%2BNNnO7WTSA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AHdRmrrutWZ5sztA1d4BNLlD_Csc.R9Sc5JkIHlnOQgYFVCdTsn19KpGLcHwg%2B%2BNNnO7WTSA
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-HdRmrrutWZ5sztA1d4BNLlD_Csc&KRTB&23334-HdRmrrutWZ5sztA1d4BNLlD_Csc&KRTB&23417-HdRmrrutWZ5sztA1d4BNLlD_Csc&KRTB&23426-HdRmrrutWZ5sztA1d4BNLlD_Csc
.pubmatic.com/ Name: PugT
Value: 1684072325
.nr-data.net/ Name: JSESSIONID
Value: 9416aa9c6d2510a3
.tribalfusion.com/ Name: ANON_ID
Value: atnseFriIthP3PTReGi055RsjuOxhh9WSZbOEjLea4THEMYWrFkEWLduMZdY6OiXp9wa3pBZd2gNBWv7Hm0MHKF
.gammaplatform.com/ Name: _aGeoIp
Value: DE|Osnabruck
.gammaplatform.com/ Name: _aUID
Value: dpr108v17znp
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-dpr108v17znp&KRTB&23446-dpr108v17znp&KRTB&23465-dpr108v17znp
.pubmatic.com/ Name: SPugT
Value: 1684072326

4 Console Messages

Source Level URL
Text
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2F6998A5-8E4A-45BE-BC7B-973F7FAE04D1&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript error URL: https://www.sanook.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.sanook.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

978a7fc246f3cf0aaf9a13f50ecb1543.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.rlcdn.com
avd.innity.com
avd.innity.net
bam.nr-data.net
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.indexww.com
cdn.izooto.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d.adroll.com
d5p.de17a.com
dc.sanook.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e2c8d9bc0e74cc2f08f71b7a455426b3.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
graph.sanook.com
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
js-agent.newrelic.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lvs2.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
p.adlooxtracking.com
p.rfihub.com
p3.isanook.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.andbeyond.media
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb-eu.andbeyond.media
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.isanook.com
s.tribalfusion.com
sal.isanook.com
sanook.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sloth-api.sanook.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.pubmatic.com
tencentth-d.openx.net
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sanook.com
x.bidswitch.net
api.rlcdn.com
dc.sanook.com
pagead2.googlesyndication.com
104.18.10.47
104.18.11.47
104.18.24.185
108.128.51.215
119.81.216.16
13.228.87.248
13.32.99.105
141.94.161.158
141.94.171.215
141.94.171.216
142.250.186.162
142.250.186.66
15.197.193.217
151.101.130.49
151.101.194.137
162.19.138.119
162.19.138.83
162.247.243.29
162.55.120.196
164.92.213.94
178.250.1.11
178.250.1.9
185.29.132.241
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.82
185.64.191.210
185.80.39.216
185.86.139.93
185.89.210.20
185.89.211.12
193.0.160.130
195.5.165.20
198.148.27.139
198.47.127.20
2.18.232.7
2.18.233.180
2001:4860:4802:34::36
2001:4860:4802:36::178
2001:4de0:ac18::1:a:1b
203.151.133.2
203.154.58.217
209.54.182.161
213.155.156.183
213.19.147.44
23.215.19.214
23.32.184.180
23.37.63.179
2602:803:c004:200::140
2606:4700:10::6816:1957
2606:4700:10::6816:3456
2606:4700:20::ac43:4a81
2606:4700::6812:19ad
2606:4700::6812:d941
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::2
2a02:fa8:8806:12::1370
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:cc3:fe04:65fe:ad5d:6046:af21
2a05:d018:d29:3601:ffc9:867:3ede:5e54
3.120.144.155
3.121.249.106
3.215.146.42
3.71.149.231
34.102.163.6
34.102.253.54
34.107.231.31
34.111.129.221
34.111.131.239
35.171.236.105
35.186.193.173
35.204.74.118
35.214.153.92
35.244.159.8
37.157.2.229
43.152.28.33
46.228.164.11
52.220.229.2
52.222.208.154
52.94.222.140
54.156.183.173
54.220.255.219
61.91.93.41
61.91.93.46
61.91.94.165
63.33.105.75
64.95.96.108
69.173.144.139
69.173.144.165
77.243.51.121
77.245.57.78
85.114.159.118
98.98.134.242
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
0166a929552b279f7abc3553f8d47c13b788b6f45ad171e38b1ae08ba3c42d55
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
04739cdd0a9f88f3ceac9851166b8376d4d10cc38cff7f92edc30d5e298d11b1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9
098621df3b498d9b70c2eb4e4ffbf76791177e5617b1620aca006f3e8d92187b
0a07be96c86e6357e4f958da91231c469affcea6570b9bb91a3dc3ea99dbf244
0a62a445564da839be3d2fa0aef9f81b08d4869dbe8b0f63a0864f60b172a640
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b93fcce3e4ed4086f6f2e19b753dfd7f9e48213ddba0ab5b8c9dfb2dc862ae0
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0dc1dc5f6b73ea4226f750387704e46cb7c8b0a54f03b0e22ac51777a9428a01
0efc2b3150feea54abc6285d834aaea36661ffd5acb56047656748c731d12330
0f39b97ea3de277e244ee8e16478fc327588d22f6d7337c4828daba88b12c9fb
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777
13e6896962e02b5d34f51768df79aca99d7ec1d5b2eb207c062d134e48aeb5c0
14642d9bda67d96a5291f33bb8c703967c8f2ac0214efe41b0c453aaa369cc6e
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16ecf21c6c16be45b7764f67f50c86526a29c5ae1384af9bf7edfee4cfd6cf98
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18af8ba9056199281dce1d7d08bf78d7555be69f9bc9baf180f7df1a6e2a169b
192314ba33c3a22a6c7f89e485a012ef563e16dcf6b2821f332826eec947b78e
1aa4e18158673b2d3ba35d5852dceae2d04e25f5f2e4e00961cbf40b79524386
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4ab2f8971959b6a8e4375092eacd41007a97c2078e14af4dd43fdfea43bb6a
1d6eac41689357c3703d4153f73dd70d92087119106d4b79eb83969ed76af595
1f0b4e2930056936a7b4e0e027d3f10488a61e3268e58d06147d7e1fcc0f5c53
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495
25645b415081078126cb366c6856f5fb61beb1fd5ab24cfe9046fe6611acdf06
256fa8474244fa5febefbd25bd8179ca0f778ffd3c4b303dfafd80a65402d2e4
28870c95b20237aa1f6fcfae58c897b6de8c34a879da05ee5eb9d634655d3abb
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bc5b8f4463864dd39b86eff2c2f1bab1fda0c91d9d64f08e26489bcc1f9e368
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2c6c8105077ab659bb2d43e2be89dd3aca47b431e0c1feb9e5cb4bad5003f421
2d74536b9b773e6478091f6a064af85b572c2b5d5d643dd955fbd764ba3966a5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
30c5b1554b632083980f5eb99b674774b28d09a7f44f86f85fccc551695f9142
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
330f0b8b01fa3345ce5b2e138e7c662da14763863a70c2ebfbba20a665b193f7
3466750af397dd37459ef329277cdbc104d53003a9714c75627e6c33a3cb131d
347a1a93f15f2e4e49ec4956179590048c292cab68669b230759e5652eaefd65
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3719e33cd745e11292495508fe2b7528b65e0c891139d474048f5ffaf2e94e87
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
37f0083e3ccae47923056a2cf1bcd82ebf8ba1f8d53c6bc28f2fd72e1c2c9a6d
3820f7eb79bb9a166b5ad1cda0f12ee32284dec09723a4bea04a2dd320c912a0
390c7a083630523df13c0acd5a01ed407422c105d4c2e896e7dae5ab34440604
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231
3c306814caff0bcd34236c2f17695012ea796e2e7d0d1506ec323773f70596b8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d64c393a3454d460a9969dea580d4a6bf26fd8057afa3ac6249388c731aab27
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d
425396deda5e55615b9639c0248b4ac8f469509681a8e531f2eb04bfb2227842
430ecf099c86f7249fb00216fb559ab42bdcdf23dccddfec85987ce3bec6b1df
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
473ba7671b2f5046b0e427d109218f3ad81f6f5e3d1b82329813428a503b49b1
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
4dc93981100acbe828b7688916d99992d46f25fef3ab78cfe26fc7bd93de403f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50242617945a6f6a36fe2fd68afa582d0b765e127a17bfe46487e5cc3970bb18
526bdda8acc3c0699dcec8b92c619ed7075edd9ad68328691f24664d8d2aea90
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559b1655dd2217813e55b8356d4e89d999fb61f4a6aa26aa6a45c147877f1e36
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
582393be1813e52d588f9c0b62f8ebf67ad5d9e1aba1d810611ea9303817a45e
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5c717cef5a9dcd54d2277d6d61eb1c95a307847650e097ea9f752f7d87c42896
5c9ffe1bfb0d4ac195af879d7ce333dde2534bb66d93e990d52c421891d8b746
5d72e7f8f4515a77774b80d777d50dde6d46b7ba313521b24aeffbc373f09847
5e350907213334d6abaa825eca66b00c57971d80772e7bfe440345ec00ce2be8
5e640a2cd36dc4423f5be1715edbf9a3a5b19b774c012eaab8803c0f63bffd57
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5ef1f9afe5400a1e9619e2ab2cec83ec5961bf45520ea8cdf00c6229e90ef656
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63f493e415c3790ad68a1bb7e2ee860a20c254cc2f045675f9b58821d61f559c
63f76efdf34dcee17d568b373f3b6616322a133cf8299dec72a3f9e74789e363
652e6b0c1e2415dcec99519e4c0ceb4390e443d84463547c3287c1aebc013f9f
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65c5209bee6152d1232aa12aa2c9cd97a27c393de23700d078e0ff08d3afb7d7
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
65e08beb42a478adfc09e060a428ebe8d50160a8a8cc48edd5ee1cd2d3ab298c
6845354fd79c0af37cd71a0c92f57e12ec463571b296718c0cae8ab7a5b6c830
68551662722fe4ed510f4d33fd3aee3dea77c47dff7584e8c50d1dc9241f22df
695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d
696ebff2f6fb069f9f94ffe87bf3afc534a4dc68dee592c312549170a6e0e9d2
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6c640da6393753b2e4050c43ac4087fc4fc4d6b86c9637f8b11e428517ce98ee
6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55
6d5ebc4be33dc468d3f5c59aa8ca1edc7c3c979191ce83138678daefc239a5b9
6e7cee02f137ecb7687634dcd4c4ba4ab740242b635dd8e46c6d32e462679ca2
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6fd17e5ca08fd57b27c7837eaf220d5ebfdfbfe8d4cf29f8a3209999ba91e9f6
708b2a7ac9ef7d34271a231dbc962c0c7db9e897cf1a6328e066facf3d468a6d
70fbcd913b6b112aff02189897d364a6b8a011e3dbe23751c28d049dd8841631
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138
7492395fef5caac2500eb07ba8dbc30c0fa593fe2db43e89db33dc0d3af70e41
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7f4a1690bfdb65f69700202985165cc01913b37845c8df400a45166187ce5ce1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8429e638fc94861f35de8542c469761b523fbd524c4aff71f55155dbc70d0801
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5
8adab9a33a643e7d2c4878a55edd61bd5aaff6e1d856c8d0174f756008bcdd31
8bb95a8801494a5ea278fd9da6f87ac41a0a049f6e041a52fd28a8f9db53aed7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9fb88fdeab238f8bf08528f2bafa66d86c1c52f68a22eb875a45dbb6d61cd5
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d40011659780baf645011cb90c43221b705b543b9da88009f082341b658b70
9a7e5ba60478e8b217b4c2ba427443a6566409a790953434a33cb1c77031d4e4
9a9b6f4ab621b7fd1198a85be8882269781756321ce5642db647c67855c791b8
9af13b9e5f07aff41e140edcd380b63f9b5f624e445623665710f902c7c546ae
9ccdbec9e927128d190882fdc2b16952ae59a95bfe6f179416ecd98d4aeef7ea
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340
9e94c370cc0d6136c5507a2f2be89550f6f8b09591630668f1bb921306c2a3ca
a00239aead0915c259a42cd13df46b0a9f1f99a7dfa99f2f82ab5a4643d3c11d
a0271f98803c9fe01228d180c20c34afbcc7c30ef2792f10a8f7eda524a82dff
a0801fff07962b46f2d5576e081876c5dbc4a955f339803faaa694c09d62c1ec
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a74b93030e1ae059d7d2437c8232abacd76d03e1626b9ee417ac2dcca41a38bb
a7d76b35d274580e0e567470447b9fc79a62f95d072ec6614bf80aff36b790d5
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ab85b212cc731304bc60a1da2621df8d562709f9c20d0e2e7152dd029d2a0817
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee078d2db3d2f8601a31db68c14c5d374debab80ed52bc94bd4dfa3d605cb08
b01878bb14cf38583deae6167267f1f3e2cf4596d5f061cda02f93b0fe22e1af
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02bf2a8d76d3e8d58db00ee7d49100ee09d44b38d1d363bdbd33f9c72e92da1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b507d2ac7c73d6a028c197a299fddb97b5b79fb41c8d16b8ffddc962ed747df4
bbb7e880ada59b0dbace7d845b2d52b3bf858b8f0918363a07077279285e1818
be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e
be72bf82f18f784a8ab0d09064bed07463618deb95b5d82fcf35e65e8730eae5
be73eb199a6134fce000f9b74786b26354f11cfad9d3fe3ce937725305fc023a
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3fd8d1ca0927bef0d34534e1ae91c92cf336842f17f6f08d7907180529acd1a
c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
cdd1cbe7be892ec19e00672bf28e3b5bbe3c23143a104e3fdedc6399ca6e54c5
cddb1b19e0e1005bf53cca0d8643347cabfc48c3f355d7ada6e596a81fd2abb9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02ebd9eb1208457fcdd2d6a13d63eab2327b5e019bbbee3fd1b1299abfcd192
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d38961bd0b1ca21df559b911d10e02450f663398373f3e6ac76eb31809b5b75e
d3c0675fdd328c5f49f6b946691a6b8d5fea493dc8c4c8de24eba784fe21df7c
d56fe8018757bf86b1d59d34e645ecf5f8e728878de4fb45368a1cffe0e8273d
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f
dbfed29103e9686ce4cec6e9703ac6208581c8311fae17556ae6cce51bdb36ea
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1
e19671ef450091de37d9ad9a9bc8a043298b9514b876cd59843edbeaf33ac168
e38d761834243bf2cc6fe6785b8b08e3f48db6a79c3fc46296f0d3a1753683b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2489f38c5105dd0b3f40e24e240e10186fac5edc6b6bc730fbab98dfff50511
f4face233d06286293f5f6dc1d6473f8be67f35d45c4d29560c7cba0cb3e5e69
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f7bf48f1b5f98defd5b08bb1d4dbe9545d125b1d3ba46d784a2db43caaba435f
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f845b9769b0269494a35ba847135283027157318caac8593fa49d249fd90f617
f9f181deb949e1ffcea7b2a8d47f0bf673c7ac0615a7e8dabe5d8518926dff20
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
fed24d17bedc5029900e13e8bdefb58dd8f025a89d9a0ce8dd7dbfdb38d35202
fef4faae40a223746521b1ac55c3e99aacc17151dcef5f0397c18e8b6879c42c
ff66a56cb847fc9d5f3527bc56a81af7699106b2ddd11647493016e1076afe95