Submitted URL: http://posttoday.com/
Effective URL: https://www.posttoday.com/
Submission: On January 18 via api from SG — Scanned from DE

Summary

This website contacted 56 IPs in 13 countries across 51 domains to perform 218 HTTP transactions. The main IP is 2001:41d0:404:200::32ab, located in France and belongs to OVH, FR. The main domain is www.posttoday.com. The Cisco Umbrella rank of the primary domain is 228143.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on April 13th 2020. Valid for: 2 years.
This is the only time www.posttoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2001:c00:4618... 4618 (INET-TH-A...)
4 2001:41d0:404... 16276 (OVH)
1 2a04:4e42::645 54113 (FASTLY)
58 203.154.37.199 4618 (INET-TH-A...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:236... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
13 203.154.37.221 4618 (INET-TH-A...)
19 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 118.67.80.103 17941 (BIT-ISLE ...)
1 43.134.100.94 132203 (TENCENT-N...)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.37 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
7 2606:4700::68... 13335 (CLOUDFLAR...)
2 202.183.165.228 9891 (CSLOX-IDC...)
1 52.222.236.122 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 203.151.144.214 4618 (INET-TH-A...)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 87.240.190.78 47541 (VKONTAKTE...)
1 217.20.155.208 47764 (MAILRU-AS...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 18.66.139.117 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 45.60.46.141 19551 (INCAPSULA)
1 195.161.16.148 8342 (RTCOMM-AS)
1 52.209.125.250 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 31.220.27.134 39572 (ADVANCEDH...)
3 3 83.222.114.190 42632 (MNOGOBYTE...)
3 4 142.250.185.162 15169 (GOOGLE)
1 1 193.106.95.134 48614 (ITSOFT-AS)
1 1 88.212.201.204 39134 (UNITEDNET)
2 2 89.108.120.76 197695 (AS-REG)
3 3 185.15.175.131 43226 (SAFEDATA ...)
2 2 136.243.148.229 24940 (HETZNER-AS)
2 2 138.201.139.144 24940 (HETZNER-AS)
1 188.34.131.130 24940 (HETZNER-AS)
1 81.222.128.216 20597 (ELTEL-AS)
1 185.162.95.70 41722 (MIRAN-AS ...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
12 37.157.4.23 198622 (ADFORM)
1 185.170.63.117 27381 (CASALE-MEDIA)
9 37.157.6.236 198622 (ADFORM)
2 16 2.18.234.21 16625 (AKAMAI-AS)
2 35.71.131.137 16509 (AMAZON-02)
2 4 52.46.130.91 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 34.243.89.47 16509 (AMAZON-02)
1 1 52.0.35.69 14618 (AMAZON-AES)
2 2 51.178.20.140 16276 (OVH)
1 185.170.60.201 27381 (CASALE-MEDIA)
2 185.33.220.242 29990 (ASN-APPNEX)
2 185.33.220.243 29990 (ASN-APPNEX)
2 2a05:d018:d29... 16509 (AMAZON-02)
1 18.156.0.31 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2 52.45.237.203 14618 (AMAZON-AES)
1 185.170.63.88 27381 (CASALE-MEDIA)
1 1 185.29.134.248 30419 (MEDIAMATH...)
1 2 52.17.84.146 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 192.132.33.46 18568 (BIDTELLECT)
218 56
Apex Domain
Subdomains
Transfer
64 posttoday.com
posttoday.com — Cisco Umbrella Rank: 197619
www.posttoday.com — Cisco Umbrella Rank: 228143
static.posttoday.com — Cisco Umbrella Rank: 424535
3 MB
21 adform.net
track.adform.net — Cisco Umbrella Rank: 3933
s1.adform.net — Cisco Umbrella Rank: 7975
472 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
195 KB
17 googlesyndication.com
36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
166 KB
16 casalemedia.com
a4525.casalemedia.com — Cisco Umbrella Rank: 441480
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
a2170.casalemedia.com — Cisco Umbrella Rank: 666491
a4496.casalemedia.com — Cisco Umbrella Rank: 426513
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
18 KB
13 bangkokpost.co.th
ads3.bangkokpost.co.th — Cisco Umbrella Rank: 380494
11 KB
9 useinsider.com
posttoday.api.useinsider.com — Cisco Umbrella Rank: 791285
segment.api.useinsider.com — Cisco Umbrella Rank: 15735
location.api.useinsider.com — Cisco Umbrella Rank: 16021
hit.api.useinsider.com — Cisco Umbrella Rank: 13563
assets.api.useinsider.com — Cisco Umbrella Rank: 21159
eitri.api.useinsider.com — Cisco Umbrella Rank: 21427
log.api.useinsider.com — Cisco Umbrella Rank: 9644
87 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
175 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
secure.adnxs.com — Cisco Umbrella Rank: 404
7 KB
4 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
3 KB
4 com.ru
rtb.com.ru — Cisco Umbrella Rank: 29732
adx.com.ru — Cisco Umbrella Rank: 47607
4 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
1 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 644
script.hotjar.com — Cisco Umbrella Rank: 919
vars.hotjar.com — Cisco Umbrella Rank: 1012
in.hotjar.com — Cisco Umbrella Rank: 1810
65 KB
4 giraff.io
code.th.giraff.io — Cisco Umbrella Rank: 63100
data.th.giraff.io — Cisco Umbrella Rank: 60069
a.giraff.io — Cisco Umbrella Rank: 56171
45 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
2 KB
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 636
1 KB
3 digitaltarget.ru
dmg.digitaltarget.ru — Cisco Umbrella Rank: 24900
4 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
graph.facebook.com — Cisco Umbrella Rank: 117
an.facebook.com Failed
953 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
55 KB
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 673
579 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3893
563 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1261
850 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
529 B
2 altergeo.ru
cm.p.altergeo.ru — Cisco Umbrella Rank: 47755
1 KB
2 1dmp.io
sync.1dmp.io — Cisco Umbrella Rank: 12235
1 KB
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 13701
2 KB
2 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 11367
485 B
2 settrade.com
www.settrade.com — Cisco Umbrella Rank: 225770
37 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
www.google.de — Cisco Umbrella Rank: 5557
1 KB
2 truehits.in.th
lvs.truehits.in.th — Cisco Umbrella Rank: 43562
10 KB
2 thelead.tech
cdn.thelead.tech — Cisco Umbrella Rank: 82102
connect.thelead.tech — Cisco Umbrella Rank: 85161
11 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
114 KB
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 746
380 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2733
187 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
683 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 424
509 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2192
232 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
425 B
1 stat.media
stat.media — Cisco Umbrella Rank: 20469
265 B
1 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 13446
201 B
1 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 8294
1 KB
1 prodmp.ru
prodmp.ru — Cisco Umbrella Rank: 46144
1 KB
1 ok.ru
connect.ok.ru — Cisco Umbrella Rank: 22099
2 KB
1 vk.com
vk.com — Cisco Umbrella Rank: 5015
479 B
1 ptengine.jp
collect.ptengine.jp — Cisco Umbrella Rank: 74815
235 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
53 KB
1 optad360.io
get.optad360.io — Cisco Umbrella Rank: 24472
91 KB
1 ptengine.com
js.ptengine.com — Cisco Umbrella Rank: 110237
25 KB
1 anymind360.com
anymind360.com — Cisco Umbrella Rank: 21459
28 KB
0 everesttech.net Failed
sync-tm.everesttech.net Failed
218 51
Domain Requested by
58 static.posttoday.com www.posttoday.com
static.posttoday.com
14 securepubads.g.doubleclick.net anymind360.com
securepubads.g.doubleclick.net
www.posttoday.com
www.googletagservices.com
13 ads3.bangkokpost.co.th www.posttoday.com
static.posttoday.com
12 track.adform.net 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
s1.adform.net
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
9 s1.adform.net track.adform.net
s1.adform.net
36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
8 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
um2.eqads.com
5 www.googletagservices.com static.posttoday.com
securepubads.g.doubleclick.net
36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 ssum-sec.casalemedia.com 1 redirects 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
4 cm.g.doubleclick.net 3 redirects ssum-sec.casalemedia.com
4 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.posttoday.com www.posttoday.com
static.posttoday.com
3 js-sec.indexww.com ssum-sec.casalemedia.com
3 www.google.com www.posttoday.com
36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
3 dmg.digitaltarget.ru 3 redirects
3 rtb.com.ru 3 redirects
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
2 secure.adnxs.com ssum-sec.casalemedia.com
2 ib.adnxs.com www.posttoday.com
ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 match.adsrvr.org ssum-sec.casalemedia.com
2 cm.p.altergeo.ru 2 redirects
2 sync.1dmp.io 2 redirects
2 x01.aidata.io 2 redirects
2 s.uuidksinc.net www.posttoday.com
2 log.api.useinsider.com www.posttoday.com
2 www.settrade.com www.posttoday.com
2 lvs.truehits.in.th www.posttoday.com
2 www.facebook.com www.posttoday.com
2 posttoday.api.useinsider.com www.googletagmanager.com
posttoday.api.useinsider.com
2 connect.facebook.net www.posttoday.com
connect.facebook.net
2 code.th.giraff.io www.posttoday.com
2 posttoday.com 2 redirects
1 bttrack.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 sync.mathtag.com 1 redirects
1 pagead2.googlesyndication.com www.googletagservices.com
1 a4496.casalemedia.com 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
1 pixel.quantserve.com 1 redirects
1 ups.analytics.yahoo.com ssum-sec.casalemedia.com
1 a2170.casalemedia.com 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
1 nep.advangelists.com 1 redirects
1 dpm.demdex.net ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 a4525.casalemedia.com 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
1 connect.thelead.tech cdn.thelead.tech
1 www.google.de www.posttoday.com
1 stat.media www.posttoday.com
1 ssp.adriver.ru www.posttoday.com
1 adx.com.ru www.posttoday.com
1 counter.yadro.ru 1 redirects
1 prodmp.ru 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 in.hotjar.com script.hotjar.com
1 a.giraff.io code.th.giraff.io
1 eitri.api.useinsider.com posttoday.api.useinsider.com
1 assets.api.useinsider.com posttoday.api.useinsider.com
1 hit.api.useinsider.com posttoday.api.useinsider.com
1 location.api.useinsider.com posttoday.api.useinsider.com
1 segment.api.useinsider.com posttoday.api.useinsider.com
1 vars.hotjar.com static.hotjar.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 connect.ok.ru code.th.giraff.io
1 vk.com code.th.giraff.io
1 graph.facebook.com code.th.giraff.io
1 script.hotjar.com static.hotjar.com
1 cdn.thelead.tech www.posttoday.com
1 static.hotjar.com www.googletagmanager.com
1 data.th.giraff.io code.th.giraff.io
1 collect.ptengine.jp js.ptengine.com
1 www.googletagmanager.com www.posttoday.com
1 get.optad360.io www.posttoday.com
1 js.ptengine.com www.posttoday.com
1 anymind360.com www.posttoday.com
0 sync-tm.everesttech.net Failed ssum-sec.casalemedia.com
0 an.facebook.com Failed www.posttoday.com
218 82
Subject Issuer Validity Valid
*.posttoday.com
AlphaSSL CA - SHA256 - G2
2020-04-13 -
2022-05-21
2 years crt.sh
anymind360.com
R3
2022-01-03 -
2022-04-03
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-10-25 -
2022-10-24
a year crt.sh
*.ptengine.jp
Amazon
2021-08-24 -
2022-09-22
a year crt.sh
*.optad360.io
Amazon
2021-11-17 -
2022-12-15
a year crt.sh
*.bangkokpost.co.th
AlphaSSL CA - SHA256 - G2
2021-07-16 -
2022-08-17
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
th.giraff.io
R3
2021-11-22 -
2022-02-20
3 months crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-10-28 -
2022-01-26
3 months crt.sh
useinsider.com
Cloudflare Inc ECC CA-3
2021-09-20 -
2022-09-19
a year crt.sh
cdn.thelead.tech
R3
2021-11-25 -
2022-02-23
3 months crt.sh
lvs.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA
2021-09-15 -
2022-10-14
a year crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2
2020-06-09 -
2022-06-10
2 years crt.sh
*.ok.ru
GeoTrust RSA CA 2018
2021-02-18 -
2022-03-21
a year crt.sh
*.google.de
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.settrade.com
DigiCert TLS RSA SHA256 2020 CA1
2021-05-07 -
2022-06-07
a year crt.sh
giraff.io
R3
2021-12-17 -
2022-03-17
3 months crt.sh
uuidksinc.net
R3
2022-01-14 -
2022-04-14
3 months crt.sh
*.adriver.ru
RapidSSL RSA CA 2018
2020-04-03 -
2022-04-24
2 years crt.sh
stat.media
R3
2021-11-29 -
2022-02-27
3 months crt.sh
www.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
www.google.de
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
connect.thelead.tech
R3
2021-11-25 -
2022-02-23
3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2021-01-13 -
2022-02-14
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-08-24 -
2022-02-16
6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-01-11 -
2022-07-06
6 months crt.sh
um3.eqads.com
Amazon
2021-06-26 -
2022-07-25
a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA
2021-03-29 -
2022-03-29
a year crt.sh

This page contains 14 frames:

Primary Page: https://www.posttoday.com/
Frame ID: C22391E83A1DEFE14AFD06A7BDEA7EC5
Requests: 136 HTTP requests in this frame

Frame: https://www.posttoday.com/set.php
Frame ID: C5C2EBFA7078A2D9AE8DA44225767B7C
Requests: 3 HTTP requests in this frame

Frame: https://posttoday.api.useinsider.com/worker-new.html
Frame ID: 3D62B4F40D5AA8273883B074A444EA9B
Requests: 1 HTTP requests in this frame

Frame: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 990304D1927B92E97E9DF865CD781F7E
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 218DD8FAC132A9B156D2DBC0FDF51EB1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 41820C17F19C531551A5B207B51704FF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuE5samTyPqcGvTbKYsG0-JhW6aqT8U1g0ihXf13H3vklQtDUYuEIKsJKAzkn-o_5RbMN_rKARSuK1ry50WtBMDizPwd088Rkj8Yr1yzyk4Z6UDkn5JkipkaTinj7RMpqz0yNasz3yGdylOhI1FP9-VPqoNpghhShVctPRg5hYy4xYR2kMT8XGsT3R46zlRWt0ph79Cl6zAGKCvqB6_5LUeZILe2mYI136NEbm2JPVNY01s29e_B6pTLppDT5NZ3BUCNruKKA4xlTfLuH5XHrp3YmyUO6mA7e38r52rLAHJVVgwGDdEzHPivzXkv2_nVBnob2EDuifKgqiDAIOK0y-neG9gU7Dn8eItOk74038AVjYhNzppOHGWkpHIiFaJD9P59GTbBiZx7g&sai=AMfl-YR5OM-ilr3wnPwMVrb2iAGbqdik2YitXACRQxzFN-8kNijjOtRNye6hEw2_Sx5Cdu-WL07vmr6K-mQe7BmX786o3l-OrQGJ5hxKVSETphgL6VsDSN_gWnhYLQcxmRw&sig=Cg0ArKJSzPp25UfRQ5FVEAE&uach_m=[UACH]&adurl=
Frame ID: 9EEE09E5B29FBCDB15E6B2CCB57C85B0
Requests: 8 HTTP requests in this frame

Frame: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 91A6CB83DA25879BCD032CE8ED746C0D
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Frame ID: 0BCF4E1EF0D187BC5D668924B5A59DBB
Requests: 10 HTTP requests in this frame

Frame: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EA8773A3F98DEFDCAB8E601E9E44761B
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Frame ID: EEA4207B3AE1914900AF75E2258A2858
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: F521079387416DC53CF0E5217C4268DA
Requests: 2 HTTP requests in this frame

Frame: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4DAFF57CED9F36E416C8A42630F8EEBE
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Frame ID: FA87247A73D18DB4FCC2F7CDA24CD8E0
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

ข่าว ข่าววันนี้ ข่าวเด่น ข่าวด่วน ข่าวโพสต์ทูเดย์

Page URL History Show full URLs

  1. http://posttoday.com/ HTTP 301
    https://posttoday.com/ HTTP 301
    https://www.posttoday.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • api\.useinsider\.\w+/


Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

218
Requests

94 %
HTTPS

35 %
IPv6

51
Domains

82
Subdomains

56
IPs

13
Countries

4631 kB
Transfer

7982 kB
Size

53
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://posttoday.com/ HTTP 301
    https://posttoday.com/ HTTP 301
    https://www.posttoday.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 125
  • https://rtb.com.ru/directadvert-sync?uid=14150766 HTTP 302
  • https://rtb.com.ru/sync?noRedirect=&sspKey=52&sspUserID=14150766 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=61e72baba62fbd6799122777&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D61e72baba62fbd6799122777%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D61e72baba62fbd6799122777%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D61e72baba62fbd6799122777%252526i%25253D4180148616126991406%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D61e72baba62fbd6799122777%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D61e72baba62fbd6799122777%2525252526nc%252525253D7970598166320752486%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D61e72baba62fbd6799122777%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FcLXqJAsreRGVxArzn6LayQ%2525252525253Fsign%2525252525253D2547136621%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Fmc.yandex.ru%252525252525252Fwatch%252525252525252F65195605 HTTP 302
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D61e72baba62fbd6799122777%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D61e72baba62fbd6799122777%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D61e72baba62fbd6799122777%252526i%25253D4180148616126991406%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D61e72baba62fbd6799122777%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D61e72baba62fbd6799122777%2525252526nc%252525253D7970598166320752486%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D61e72baba62fbd6799122777%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FcLXqJAsreRGVxArzn6LayQ%2525252525253Fsign%2525252525253D2547136621%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Fmc.yandex.ru%252525252525252Fwatch%252525252525252F65195605&google_gid=CAESEM-of9ZeFuAhLJIPxOE280k&google_cver=1 HTTP 302
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=61e72baba62fbd6799122777&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61e72baba62fbd6799122777%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D61e72baba62fbd6799122777%2526i%253D4180148616126991406%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D61e72baba62fbd6799122777%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D61e72baba62fbd6799122777%25252526nc%2525253D7970598166320752486%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D61e72baba62fbd6799122777%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FcLXqJAsreRGVxArzn6LayQ%25252525253Fsign%25252525253D2547136621%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fmc.yandex.ru%2525252525252Fwatch%2525252525252F65195605 HTTP 302
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=61e72baba62fbd6799122777&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61e72baba62fbd6799122777%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D61e72baba62fbd6799122777%2526i%253D4180148616126991406%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D61e72baba62fbd6799122777%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D61e72baba62fbd6799122777%25252526nc%2525253D7970598166320752486%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D61e72baba62fbd6799122777%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FcLXqJAsreRGVxArzn6LayQ%25252525253Fsign%25252525253D2547136621%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fmc.yandex.ru%2525252525252Fwatch%2525252525252F65195605&dsp_provider_id=2 HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=61e72baba62fbd6799122777&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D61e72baba62fbd6799122777%26i%3D4180148616126991406%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D61e72baba62fbd6799122777%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D61e72baba62fbd6799122777%252526nc%25253D7970598166320752486%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D61e72baba62fbd6799122777%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252FcLXqJAsreRGVxArzn6LayQ%252525253Fsign%252525253D2547136621%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Fmc.yandex.ru%25252525252Fwatch%25252525252F65195605 HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=61e72baba62fbd6799122777&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D61e72baba62fbd6799122777%26i%3D4180148616126991406%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D61e72baba62fbd6799122777%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D61e72baba62fbd6799122777%252526nc%25253D7970598166320752486%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D61e72baba62fbd6799122777%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252FcLXqJAsreRGVxArzn6LayQ%252525253Fsign%252525253D2547136621%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Fmc.yandex.ru%25252525252Fwatch%25252525252F65195605&bounce=1 HTTP 302
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=61e72baba62fbd6799122777&i=4180148616126991406&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D61e72baba62fbd6799122777%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D61e72baba62fbd6799122777%2526nc%253D7970598166320752486%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D61e72baba62fbd6799122777%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FcLXqJAsreRGVxArzn6LayQ%2525253Fsign%2525253D2547136621%25252526location%2525253Dhttps%252525253A%252525252F%252525252Fmc.yandex.ru%252525252Fwatch%252525252F65195605 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/224/i/i?call_source=awg&a=224&e=61e72baba62fbd6799122777&i=4180148616126991406&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D61e72baba62fbd6799122777%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D61e72baba62fbd6799122777%2526nc%253D7970598166320752486%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D61e72baba62fbd6799122777%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FcLXqJAsreRGVxArzn6LayQ%2525253Fsign%2525253D2547136621%25252526location%2525253Dhttps%252525253A%252525252F%252525252Fmc.yandex.ru%252525252Fwatch%252525252F65195605 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=224&ts=6D4YhPcPIs7jn1A7rynv&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D61e72baba62fbd6799122777%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D61e72baba62fbd6799122777%2526nc%253D7970598166320752486%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D61e72baba62fbd6799122777%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FcLXqJAsreRGVxArzn6LayQ%2525253Fsign%2525253D2547136621%25252526location%2525253Dhttps%252525253A%252525252F%252525252Fmc.yandex.ru%252525252Fwatch%252525252F65195605 HTTP 302
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEF2JcJRtpI32PV5nY9IEV8o&ver=1&google_error=&code=224&ts=6D4YhPcPIs7jn1A7rynv&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D61e72baba62fbd6799122777%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D61e72baba62fbd6799122777%2526nc%253D7970598166320752486%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D61e72baba62fbd6799122777%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FcLXqJAsreRGVxArzn6LayQ%2525253Fsign%2525253D2547136621%25252526location%2525253Dhttps%252525253A%252525252F%252525252Fmc.yandex.ru%252525252Fwatch%252525252F65195605 HTTP 307
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=61e72baba62fbd6799122777&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D61e72baba62fbd6799122777%26nc%3D7970598166320752486%26url%3Dhttps%253A%252F%252Fadx.com.ru%252Fadspend-sync%253Fuid%253D61e72baba62fbd6799122777%2526r%253Dhttps%25253A%25252F%25252Fan.yandex.ru%25252Fsetud%25252Fadspend%25252FcLXqJAsreRGVxArzn6LayQ%25253Fsign%25253D2547136621%252526location%25253Dhttps%2525253A%2525252F%2525252Fmc.yandex.ru%2525252Fwatch%2525252F65195605 HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=61e72baba62fbd6799122777&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D61e72baba62fbd6799122777%26nc%3D7970598166320752486%26url%3Dhttps%253A%252F%252Fadx.com.ru%252Fadspend-sync%253Fuid%253D61e72baba62fbd6799122777%2526r%253Dhttps%25253A%25252F%25252Fan.yandex.ru%25252Fsetud%25252Fadspend%25252FcLXqJAsreRGVxArzn6LayQ%25253Fsign%25253D2547136621%252526location%25253Dhttps%2525253A%2525252F%2525252Fmc.yandex.ru%2525252Fwatch%2525252F65195605&cs=1 HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=61e72baba62fbd6799122777&nc=7970598166320752486&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D61e72baba62fbd6799122777%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fsetud%252Fadspend%252FcLXqJAsreRGVxArzn6LayQ%253Fsign%253D2547136621%2526location%253Dhttps%25253A%25252F%25252Fmc.yandex.ru%25252Fwatch%25252F65195605 HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=61e72baba62fbd6799122777&nc=7970598166320752486&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D61e72baba62fbd6799122777%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fsetud%252Fadspend%252FcLXqJAsreRGVxArzn6LayQ%253Fsign%253D2547136621%2526location%253Dhttps%25253A%25252F%25252Fmc.yandex.ru%25252Fwatch%25252F65195605&cc=1 HTTP 302
  • https://adx.com.ru/adspend-sync?uid=61e72baba62fbd6799122777&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FcLXqJAsreRGVxArzn6LayQ%3Fsign%3D2547136621%26location%3Dhttps%253A%252F%252Fmc.yandex.ru%252Fwatch%252F65195605
Request Chain 156
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Request Chain 164
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YecrrDauzNAk6TGVDp7kCAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL_Wuz8ClAFiFDL0HkgokBs&google_cver=1&gdpr=1
Request Chain 165
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrDauzNAk6TGVDp7kCAAABKIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrDauzNAk6TGVDp7kCAAABKIAAAIB&dcc=t
Request Chain 166
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4587394172656973229
Request Chain 168
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1e960894-312e-4e64-b61a-03bead310d07
Request Chain 169
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 190
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrDauzNAk6TGVDp7kCAAABKIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrDauzNAk6TGVDp7kCAAABKIAAAIB&dcc=t
Request Chain 191
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=mbo_kp3pO8aC6jucmu13kJizO8eCs2_DzbMZi7M2
Request Chain 194
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 214
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=19d261e7-2bac-4500-97fe-4eabb68131f6&gdpr=1&gdpr_consent=
Request Chain 215
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YecrrDauzNAk6TGVDp7kCAAA%261186?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YecrrDauzNAk6TGVDp7kCAAA%261186?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 216
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1642626348&gdpr=1

218 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.posttoday.com/
Redirect Chain
  • http://posttoday.com/
  • https://posttoday.com/
  • https://www.posttoday.com/
175 KB
28 KB
Document
General
Full URL
https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:404:200::32ab , France, ASN16276 (OVH, FR),
Reverse DNS
Software
bytex/1.20.2 /
Resource Hash
722e750231d59aad95a9ba4bbaebc2729d1ba22595eda94ce9ba3f68f75f4c1c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
bytex/1.20.2
date
Tue, 18 Jan 2022 21:05:45 GMT
content-type
text/html; charset=UTF-8
content-length
28094
cache-control
max-age=30, public
expires
Tue, 18 Jan 2022 21:06:02 GMT
vary
Accept-Encoding
content-encoding
gzip
x-varnish
282296708 280697570
age
12
via
1.1 varnish (Varnish/5.2)
x-cache
HIT
x-byteark-cache
BYPASS from csw-th-csl-3 hop 2 BYPASS from fr-sbg-1 hop 1
x-byteark-reqid
d5fdd1abea6a9d0810079df3b0322fa5 a7aafb3bb9d7be7e41b78245144ce087
accept-ranges
bytes

Redirect headers

Location
https://www.posttoday.com/
Server
bytex/1.14.0
Date
Tue, 18 Jan 2022 21:05:44 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
234
Connection
keep-alive
Cache-Control
max-age=300
Expires
Tue, 18 Jan 2022 21:07:24 GMT
X-Varnish
281677534 276651699
Age
199
Via
1.1 varnish (Varnish/5.2)
X-Cache
HIT
ats.js
anymind360.com/js/5482/
127 KB
28 KB
Script
General
Full URL
https://anymind360.com/js/5482/ats.js
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b9734112598bbb0fc8b5b453c37c2dbc8c9aa3902e49bccf6b144113478ceeed
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:45 GMT
content-encoding
gzip
age
51579
x-guploader-uploadid
ADPycdtcT9FiuLwt9RoJcbg9zt4TsDPQaOOaFkzA_b4_xQhVjvCq7GMfTRUy-8eMoku-5iAvrVNbdfSoiZnaawU_WeA
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
strict-transport-security
max-age=300
content-length
27913
x-served-by
cache-tyo11958-TYO, cache-hhn4062-HHN
access-control-allow-origin
*
expires
Tue, 18 Jan 2022 06:46:05 GMT
last-modified
Fri, 07 Jan 2022 06:14:54 GMT
server
UploadServer
x-timer
S1642539945.225926,VS0,VE1
etag
"7e7b4711d84d1ff0402dd619da5b0077"
vary
Accept-Encoding
x-goog-hash
crc32c=uWomUg==, md5=fntHEdhNH/BALdYZ2lsAdw==
x-goog-generation
1641536094306764
via
1.1 varnish, 1.1 varnish
access-control-expose-headers
Content-Type
cache-control
max-age=43200
x-goog-stored-content-length
27913
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-cache-hits
2, 1
bootstrap.min.css
static.posttoday.com/v5/assets/bootstrap/css/
152 KB
31 KB
Stylesheet
General
Full URL
https://static.posttoday.com/v5/assets/bootstrap/css/bootstrap.min.css
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
d6d38f11b1a4207f3e78042eb868b8441aa9dbd2a66704cdf7c890d45c54e379

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
69
x-cache
HIT
content-length
31221
access-control-allow-origin
null
last-modified
Tue, 18 Jan 2022 21:04:36 GMT
server
bytex/1.14.0
etag
W/"261cc-5d5e1a23f20a8-gzip"
vary
Accept-Encoding
x-varnish
280828876 280828592
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=2592000
accept-ranges
bytes
content-type
text/css
expires
Thu, 17 Feb 2022 21:04:36 GMT
homepage.min.css
static.posttoday.com/v5/assets/css/
164 KB
45 KB
Stylesheet
General
Full URL
https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
4f3dce90491e78a544fb576daf0acf72adb27d7b499e80d3c0436469211fc14e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
336
x-cache
HIT
content-length
45754
access-control-allow-origin
null
last-modified
Thu, 06 Jan 2022 10:47:08 GMT
server
bytex/1.14.0
etag
"291af-5d4e7978c0739-gzip"
vary
Accept-Encoding
x-varnish
281972520 281872733
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=2592000
accept-ranges
bytes
content-type
text/css
expires
Thu, 17 Feb 2022 21:00:09 GMT
owl.carousel.min.css
static.posttoday.com/v5/assets/js/plugins/owlcarousel/
3 KB
1 KB
Stylesheet
General
Full URL
https://static.posttoday.com/v5/assets/js/plugins/owlcarousel/owl.carousel.min.css
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
69
x-cache
HIT
content-length
1145
access-control-allow-origin
null
last-modified
Thu, 26 Mar 2020 10:20:29 GMT
server
bytex/1.14.0
etag
"d17-5a1bf55829540-gzip"
vary
Accept-Encoding
x-varnish
277471513 282231710
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=2592000
accept-ranges
bytes
content-type
text/css
expires
Thu, 17 Feb 2022 21:04:36 GMT
owl.theme.default.min.css
static.posttoday.com/v5/assets/js/plugins/owlcarousel/
1013 B
818 B
Stylesheet
General
Full URL
https://static.posttoday.com/v5/assets/js/plugins/owlcarousel/owl.theme.default.min.css
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
47
x-cache
HIT
content-length
487
access-control-allow-origin
null
last-modified
Thu, 26 Mar 2020 10:20:29 GMT
server
bytex/1.14.0
etag
"3f5-5a1bf55829540-gzip"
vary
Accept-Encoding
x-varnish
280143219 281319323
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=2592000
accept-ranges
bytes
content-type
text/css
expires
Thu, 17 Feb 2022 21:04:58 GMT
widget-posttodaycom.js
code.th.giraff.io/data/
226 KB
44 KB
Script
General
Full URL
https://code.th.giraff.io/data/widget-posttodaycom.js
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22c36221393484dc267d14346481e0780b0dac4fe2e42b64ef12dff2ee3711c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 06:57:43 GMT
server
cloudflare
age
18
etag
W/"61dd2a67-38825"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
cf-ray
6cfac88ab8dd4df4-FRA
expires
Tue, 18 Jan 2022 21:06:27 GMT
37jtdo74.js
js.ptengine.com/
78 KB
25 KB
Script
General
Full URL
https://js.ptengine.com/37jtdo74.js
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:9600:14:3d35:8f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2d5e1fa3a474720086cf538ca07ab1c43b692f3be86f0402becca4c21f89ff2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:04:37 GMT
content-encoding
gzip
last-modified
Sun, 16 Jan 2022 15:00:46 GMT
server
AmazonS3
age
69
etag
W/"935b2b26ff12a5b1ca78af5fea00afd8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
cache-control
public,max-age=300
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
zYfEKEYRR6tygteVoobOX24mYY6dM3KIAdwD1HpxF9jFiEVO81CCSQ==
plugin.min.js
get.optad360.io/sf/285b934d-8abb-4108-86a2-2988475d1aa8/
382 KB
91 KB
Script
General
Full URL
https://get.optad360.io/sf/285b934d-8abb-4108-86a2-2988475d1aa8/plugin.min.js
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:ba00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22ecaa4f37ea3970ea41ffbc7c7a1dc1225e7405e47b6ac1df1cbf7145938214

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 20:15:59 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 09:52:54 GMT
server
AmazonS3
age
2988
etag
W/"3d74d42cc6862666f2a746295e0b1b03"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
ZC8FoG3rLGv7NAbMjd2jP-Yjc5QzsMxD7p1Yd3JN3LB039afWMv1RA==
logo.svg
static.posttoday.com/v5/assets/images/
39 KB
29 KB
Image
General
Full URL
https://static.posttoday.com/v5/assets/images/logo.svg?v=2
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
9a6c61699f72d8b1b079967da693a58134229457ac8f32a39ef42bb6da57e1a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
69
x-cache
HIT
content-length
29131
access-control-allow-origin
null
last-modified
Thu, 07 Jan 2021 05:01:10 GMT
server
bytex/1.14.0
etag
"9deb-5b848540e0e20-gzip"
vary
Accept-Encoding
x-varnish
278249357 279882132
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
expires
Wed, 18 Jan 2023 21:04:37 GMT
logo-ptd-exclusive.svg
static.posttoday.com/v5/assets/images/icon/
8 KB
3 KB
Image
General
Full URL
https://static.posttoday.com/v5/assets/images/icon/logo-ptd-exclusive.svg?v=2
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
98156b1e259cce75cc79919f806650e15c2e2362f57f929e00dc55290bfefc68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
69
x-cache
HIT
content-length
3152
access-control-allow-origin
null
last-modified
Fri, 05 Feb 2021 16:06:41 GMT
server
bytex/1.14.0
etag
"206b-5ba990182d51f-gzip"
vary
Accept-Encoding
x-varnish
277471525 281353269
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
expires
Wed, 18 Jan 2023 21:04:37 GMT
logo-ptd-channel.svg
static.posttoday.com/v5/assets/images/icon/
1 KB
937 B
Image
General
Full URL
https://static.posttoday.com/v5/assets/images/icon/logo-ptd-channel.svg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
8fcbe0885b3adebbaab7e5b0bf75bd13ccfdf4b08897b3662627a5f510e7d61d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
69
x-cache
HIT
content-length
600
access-control-allow-origin
null
last-modified
Mon, 22 Jun 2020 08:48:46 GMT
server
bytex/1.14.0
etag
"4ff-5a8a84f8a7780-gzip"
vary
Accept-Encoding
x-varnish
278803761 279882135
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
expires
Wed, 18 Jan 2023 21:04:37 GMT
logo-ptd-poscast.svg
static.posttoday.com/v5/assets/images/icon/
2 KB
1 KB
Image
General
Full URL
https://static.posttoday.com/v5/assets/images/icon/logo-ptd-poscast.svg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
e75f38fb2fa126114608a97476d277c868bd9ed6b8de38ded7b3fd8e4ffe73c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
47
x-cache
HIT
content-length
902
access-control-allow-origin
null
last-modified
Mon, 22 Jun 2020 08:49:24 GMT
server
bytex/1.14.0
etag
"862-5a8a851ce4d00-gzip"
vary
Accept-Encoding
x-varnish
281677562 281382315
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
expires
Wed, 18 Jan 2023 21:04:59 GMT
E4E570B8B5C5351CCC19C6733F2B4ACB.jpg
static.posttoday.com/media/content/2022/01/18/
101 KB
102 KB
Image
General
Full URL
https://static.posttoday.com/media/content/2022/01/18/E4E570B8B5C5351CCC19C6733F2B4ACB.jpg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
c9cca91b748dc07f8b46d042f9ccc9eeafddbed50db75b45a01ba09f73adc280

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 18 Jan 2022 02:54:27 GMT
server
bytex/1.14.0
age
482
etag
"194a6-5d5d263339d19"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
281907425 280013717
accept-ranges
bytes
content-length
103590
expires
Thu, 17 Feb 2022 20:57:43 GMT
C4B7546140340B09698DF098D2CC872F.jpg
static.posttoday.com//media/content/2022/01/18/
115 KB
115 KB
Image
General
Full URL
https://static.posttoday.com//media/content/2022/01/18/C4B7546140340B09698DF098D2CC872F.jpg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
e438ac631f8be89311c71f2bd535b458310cb08eca53b1a8da45176af9970e03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Mon, 17 Jan 2022 19:15:15 GMT
server
bytex/1.14.0
age
210
etag
"1cbb3-5d5cbf8fbe7be"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
280828884 282102266
accept-ranges
bytes
content-length
117683
expires
Thu, 17 Feb 2022 21:02:16 GMT
D97E2648CF57CC3DC8E6AC860BED159D.jpg
static.posttoday.com/media/content/2022/01/18/
450 KB
451 KB
Image
General
Full URL
https://static.posttoday.com/media/content/2022/01/18/D97E2648CF57CC3DC8E6AC860BED159D.jpg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
2048205493b3f66f2dbf9e268d9a3e1a0df6b676d87faff7a297470cde4ee77f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 18 Jan 2022 05:14:53 GMT
server
bytex/1.14.0
age
238
etag
"70878-5d5d4596534ee"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
281941127 282200983
accept-ranges
bytes
content-length
460920
expires
Thu, 17 Feb 2022 21:01:48 GMT
img-post_republic.jpg
static.posttoday.com/v5/assets/images/
170 KB
171 KB
Image
General
Full URL
https://static.posttoday.com/v5/assets/images/img-post_republic.jpg?v=0.1
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
6fa6980399324673ac53f46837c50b75d0a40fe4f4776f2e6c3839db17de198c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 21 Dec 2021 08:43:35 GMT
server
bytex/1.14.0
age
193
etag
"2a9dc-5d3a400331bc0"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
280828892 281971554
accept-ranges
bytes
content-length
174556
expires
Thu, 17 Feb 2022 21:02:33 GMT
default-pic.jpg
static.posttoday.com/v5/assets/images/bg/
13 KB
13 KB
Image
General
Full URL
https://static.posttoday.com/v5/assets/images/bg/default-pic.jpg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
e3a1cc912d130bc0d7b87c6dce344372d5fc0bb63098978a285f462bca413d55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Thu, 26 Mar 2020 10:19:32 GMT
server
bytex/1.14.0
age
26
etag
"347a-5a1bf521cd500"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
279163629 279751475
accept-ranges
bytes
content-length
13434
expires
Thu, 17 Feb 2022 21:05:20 GMT
title.svg
static.posttoday.com/v5/assets/specials/covid19/images/
9 KB
4 KB
Image
General
Full URL
https://static.posttoday.com/v5/assets/specials/covid19/images/title.svg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
94473eba041563e17a4b85192267136a1dd31805805a4eb33e092d16b6b13c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
193
x-cache
HIT
content-length
3271
access-control-allow-origin
null
last-modified
Thu, 04 Jun 2020 03:33:28 GMT
server
bytex/1.14.0
etag
"224e-5a739cecbf200-gzip"
vary
Accept-Encoding
x-varnish
281677564 278248523
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
expires
Wed, 18 Jan 2023 21:02:33 GMT
icn-play.svg
static.posttoday.com/v5/assets/images/icon/
449 B
631 B
Image
General
Full URL
https://static.posttoday.com/v5/assets/images/icon/icn-play.svg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
075e148cb8acb1b10069f3e3969b55163d5f893ace17b9e26ff7f4b8c9ce2e71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
193
x-cache
HIT
content-length
294
access-control-allow-origin
null
last-modified
Thu, 26 Mar 2020 10:19:33 GMT
server
bytex/1.14.0
etag
"1c1-5a1bf522c1740-gzip"
vary
Accept-Encoding
x-varnish
278803763 280957607
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
expires
Wed, 18 Jan 2023 21:02:33 GMT
icn-oil.svg
static.posttoday.com/v5/assets/images/icon/
267 B
560 B
Image
General
Full URL
https://static.posttoday.com/v5/assets/images/icon/icn-oil.svg?v=3
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
4d60047d766f93cf65c5a7d2128fcaa3b8a004476822b221eaea253754087e00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
192
x-cache
HIT
content-length
224
access-control-allow-origin
null
last-modified
Fri, 05 Feb 2021 16:06:41 GMT
server
bytex/1.14.0
etag
"10b-5ba990178c2ff-gzip"
vary
Accept-Encoding
x-varnish
282202231 281940208
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
expires
Wed, 18 Jan 2023 21:02:33 GMT
icn-gold.svg
static.posttoday.com/v5/assets/images/icon/
988 B
721 B
Image
General
Full URL
https://static.posttoday.com/v5/assets/images/icon/icn-gold.svg?v=3
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
45e7f24007b553b7cc21e8fe4c59f7d9c3e56b98c18362ef8d4007dbd3bb3a71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
192
x-cache
HIT
content-length
384
access-control-allow-origin
null
last-modified
Fri, 05 Feb 2021 16:06:40 GMT
server
bytex/1.14.0
etag
"3dc-5ba99016cdc1f-gzip"
vary
Accept-Encoding
x-varnish
278249359 282263706
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
expires
Wed, 18 Jan 2023 21:02:33 GMT
icn-lottery.svg
static.posttoday.com/v5/assets/images/icon/
606 B
626 B
Image
General
Full URL
https://static.posttoday.com/v5/assets/images/icon/icn-lottery.svg?v=3
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
a7241608256d88ffab1bd33bdfbf937910aa6759a1fafff64e551d4f1bda8ecb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
192
x-cache
HIT
content-length
289
access-control-allow-origin
null
last-modified
Fri, 05 Feb 2021 16:06:41 GMT
server
bytex/1.14.0
etag
"25e-5ba990178c2ff-gzip"
vary
Accept-Encoding
x-varnish
280565739 281318482
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
expires
Wed, 18 Jan 2023 21:02:34 GMT
icn-horoscope.svg
static.posttoday.com/v5/assets/images/icon/
604 B
698 B
Image
General
Full URL
https://static.posttoday.com/v5/assets/images/icon/icn-horoscope.svg?v=3
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
dbfb3626a3ecad483b328cf8b3ae41210c7fd27a87655cbb5f8b5195ecb7cc1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
192
x-cache
HIT
content-length
361
access-control-allow-origin
null
last-modified
Fri, 05 Feb 2021 16:06:40 GMT
server
bytex/1.14.0
etag
"25c-5ba990172046f-gzip"
vary
Accept-Encoding
x-varnish
281972530 280862696
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
expires
Wed, 18 Jan 2023 21:02:34 GMT
style-covid.css
static.posttoday.com/v5/assets/specials/covid19/css/
48 KB
12 KB
Stylesheet
General
Full URL
https://static.posttoday.com/v5/assets/specials/covid19/css/style-covid.css?v=1014.029
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
41a7355e848938453b05976c539fcd8da0b14a8d400c6715229ce13b34fb1f1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
482
x-cache
HIT
content-length
11840
access-control-allow-origin
null
last-modified
Wed, 30 Jun 2021 12:54:35 GMT
server
bytex/1.14.0
etag
"be27-5c5fb398437fc-gzip"
vary
Accept-Encoding
x-varnish
279882514 282198958
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=2592000
accept-ranges
bytes
content-type
text/css
expires
Thu, 17 Feb 2022 20:57:43 GMT
postgroup-logo_white.svg
static.posttoday.com/v5/assets/images/
13 KB
5 KB
Image
General
Full URL
https://static.posttoday.com/v5/assets/images/postgroup-logo_white.svg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
5061a48f48001768acf5e74d06a12779d4dcd1bc40e356729c8f531d751d8fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
593
x-cache
HIT
content-length
5257
access-control-allow-origin
null
last-modified
Thu, 26 Mar 2020 10:19:07 GMT
server
bytex/1.14.0
etag
"35ff-5a1bf509f5cc0-gzip"
vary
Accept-Encoding
x-varnish
280958813 282100546
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
expires
Wed, 18 Jan 2023 20:55:53 GMT
asyncjs.php
ads3.bangkokpost.co.th/www/delivery/
8 KB
4 KB
Script
General
Full URL
https://ads3.bangkokpost.co.th/www/delivery/asyncjs.php
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-221.northern.inet.co.th
Software
nginx/1.10.2 /
Resource Hash
6fd3e1b4fcf15dea30fbf3ae4de901e3d48bca5c4ff78cce29b2440c198c8e2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 21:05:47 GMT
Content-Encoding
gzip
Server
nginx/1.10.2
P3P
CP="CUR ADM OUR NOR STA NID"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
Expire
Tue, 18 Jan 2022 22:05:47 GMT
all.min.css
static.posttoday.com/v5/assets/css/
56 KB
14 KB
Stylesheet
General
Full URL
https://static.posttoday.com/v5/assets/css/all.min.css
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
43f5160aa6bddeb7253e113f6f5a2e1ac41ed489f078374e63e55e95a2516368

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
67
x-cache
HIT
content-length
14070
access-control-allow-origin
null
last-modified
Tue, 18 Jan 2022 21:04:39 GMT
server
bytex/1.14.0
etag
W/"de0e-5d5e1a2408038-gzip"
vary
Accept-Encoding
x-varnish
281907421 281483901
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=2592000
accept-ranges
bytes
content-type
text/css
expires
Thu, 17 Feb 2022 21:04:39 GMT
animate.min.css
static.posttoday.com/v5/assets/css/
57 KB
6 KB
Stylesheet
General
Full URL
https://static.posttoday.com/v5/assets/css/animate.min.css
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
26
x-cache
HIT
content-length
5837
access-control-allow-origin
null
last-modified
Thu, 26 Mar 2020 10:18:53 GMT
server
bytex/1.14.0
etag
"e311-5a1bf4fc9bd40-gzip"
vary
Accept-Encoding
x-varnish
280828880 281972255
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=2592000
accept-ranges
bytes
content-type
text/css
expires
Thu, 17 Feb 2022 21:05:19 GMT
jquery.fancybox.min.css
static.posttoday.com/v5/assets/js/plugins/facybox/
12 KB
4 KB
Stylesheet
General
Full URL
https://static.posttoday.com/v5/assets/js/plugins/facybox/jquery.fancybox.min.css
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
26
x-cache
HIT
content-length
3606
access-control-allow-origin
null
last-modified
Thu, 26 Mar 2020 10:20:28 GMT
server
bytex/1.14.0
etag
"31fb-5a1bf55735300-gzip"
vary
Accept-Encoding
x-varnish
281907423 281120656
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=2592000
accept-ranges
bytes
content-type
text/css
expires
Thu, 17 Feb 2022 21:05:19 GMT
jquery.min.js
static.posttoday.com/v5/assets/js/
82 KB
34 KB
Script
General
Full URL
https://static.posttoday.com/v5/assets/js/jquery.min.js
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
130
x-cache
HIT
content-length
34416
access-control-allow-origin
null
last-modified
Thu, 26 Mar 2020 10:19:09 GMT
server
bytex/1.14.0
etag
"14915-5a1bf50bde140-gzip"
vary
Accept-Encoding
x-varnish
280828882 281120138
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=0
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 18 Jan 2022 21:03:36 GMT
lazysizes.min.js
static.posttoday.com/v5/assets/js/
7 KB
4 KB
Script
General
Full URL
https://static.posttoday.com/v5/assets/js/lazysizes.min.js
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
81c51567c8e62fcaee19b8c95a0ce8d206c72e89dfa871134cbef2ed31ee42e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
124
x-cache
HIT
content-length
3573
access-control-allow-origin
null
last-modified
Thu, 26 Mar 2020 10:19:10 GMT
server
bytex/1.14.0
etag
"1c43-5a1bf50cd2380-gzip"
vary
Accept-Encoding
x-varnish
278803759 281483457
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=0
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 18 Jan 2022 21:03:41 GMT
bootstrap.min.js
static.posttoday.com/v5/assets/bootstrap/js/
57 KB
19 KB
Script
General
Full URL
https://static.posttoday.com/v5/assets/bootstrap/js/bootstrap.min.js
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
120
x-cache
HIT
content-length
19018
access-control-allow-origin
null
last-modified
Thu, 26 Mar 2020 10:19:13 GMT
server
bytex/1.14.0
etag
"e2d8-5a1bf50faea40-gzip"
vary
Accept-Encoding
x-varnish
281677560 282102925
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=0
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 18 Jan 2022 21:03:46 GMT
owl.carousel.min.js
static.posttoday.com/v5/assets/js/plugins/owlcarousel/
43 KB
14 KB
Script
General
Full URL
https://static.posttoday.com/v5/assets/js/plugins/owlcarousel/owl.carousel.min.js
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
141
x-cache
HIT
content-length
13727
access-control-allow-origin
null
last-modified
Thu, 26 Mar 2020 10:20:29 GMT
server
bytex/1.14.0
etag
"ad36-5a1bf55829540-gzip"
vary
Accept-Encoding
x-varnish
278249355 281319066
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=0
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 18 Jan 2022 21:03:25 GMT
homepage.min.js
static.posttoday.com/v5/assets/js/
31 KB
8 KB
Script
General
Full URL
https://static.posttoday.com/v5/assets/js/homepage.min.js?v=1014.029
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
3b2c5e3232f48afaf0db3f38d6152d4d88eac8801a1b38b3e14188b754691065

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
578
x-cache
HIT
content-length
8275
access-control-allow-origin
null
last-modified
Fri, 07 Jan 2022 08:07:38 GMT
server
bytex/1.14.0
etag
"7d43-5d4f97afc263f-gzip"
vary
Accept-Encoding
x-varnish
277471523 281871134
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=0
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 18 Jan 2022 20:56:08 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
78 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/5482/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
caedfb914856a2599d978d3c481f2702a1ef61eebbffc0e7939f0f0f77183e5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26965
x-xss-protection
0
server
sffe
etag
"1106 / 414 of 1000 / last-modified: 1642537328"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 18 Jan 2022 21:05:46 GMT
gtm.js
www.googletagmanager.com/
147 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KC65SG8
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a082f30e174e99ffe0951438a98b548ae364188f2ffb7f8ba9a454a52fbe8e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53878
x-xss-protection
0
expires
Tue, 18 Jan 2022 21:05:46 GMT
pn
collect.ptengine.jp/
0
235 B
XHR
General
Full URL
https://collect.ptengine.jp/pn
Requested by
Host: js.ptengine.com
URL: https://js.ptengine.com/37jtdo74.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.67.80.103 Nakano, Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.posttoday.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 18 Jan 2022 21:05:47 GMT
Server
openresty
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Access-Control-Allow-Methods
GET,POST,OPTIONS
set.php
www.posttoday.com/ Frame C5C2
29 KB
6 KB
Document
General
Full URL
https://www.posttoday.com/set.php
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:404:200::32ab , France, ASN16276 (OVH, FR),
Reverse DNS
Software
bytex/1.20.2 /
Resource Hash
cbb78617d744c8b0d8b87ab234850064deafa51dc5d581918d6b13c86cc4d8bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/

Response headers

server
bytex/1.20.2
date
Tue, 18 Jan 2022 21:05:47 GMT
content-type
text/html; charset=UTF-8
content-length
5956
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=300
expires
Tue, 18 Jan 2022 21:10:46 GMT
x-varnish
280828889
age
0
via
1.1 varnish (Varnish/5.2)
x-cache
MISS
x-byteark-cache
BYPASS from csw-th-csl-3 hop 2 BYPASS from fr-sbg-1 hop 1
x-byteark-reqid
c153dedc63c1ae00e2d568181f46cf08 7fb566db99566c7f7e893c187b4f4924
accept-ranges
bytes
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2175c26f2625ea713115d2d5e8ca79244ee47c86e9dcfec7296490273b6c430

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
bg-wuhan.png
static.posttoday.com/v5/assets/images/
0
0
Image
General
Full URL
https://static.posttoday.com/v5/assets/images/bg-wuhan.png
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

icon-confirmed.svg
static.posttoday.com/v5/assets/images/
0
0
Image
General
Full URL
https://static.posttoday.com/v5/assets/images/icon-confirmed.svg
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

truncated
/
764 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca9aca2116420e96bd190c9c8e464ccbdd4b34f621433179a28193e6cfea1c78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a382852d715c5555d4bc5d3abf5e7d6c21a7a755604e254b129e73c562fbdfe1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
Prompt-Bold.woff
static.posttoday.com/v5/assets/fonts/
74 KB
75 KB
Font
General
Full URL
https://static.posttoday.com/v5/assets/fonts/Prompt-Bold.woff
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
2885fdd84c44f8a95e9e235fe12a02825f51128378919036587582bcd940ab44

Request headers

Referer
https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin
https://www.posttoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Thu, 26 Mar 2020 10:18:58 GMT
server
bytex/1.14.0
age
95
etag
"128f8-5a1bf50160880"
x-cache
HIT
content-type
application/font-woff
access-control-allow-origin
https://www.posttoday.com
cache-control
max-age=0
x-varnish
278249363 281483805
accept-ranges
bytes
content-length
76024
expires
Tue, 18 Jan 2022 21:04:12 GMT
Prompt-Light.woff
static.posttoday.com/v5/assets/fonts/
69 KB
70 KB
Font
General
Full URL
https://static.posttoday.com/v5/assets/fonts/Prompt-Light.woff
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
009ab3d50ca3651a5697f8ef010fd782f6c0c32beeef7c16ae2f91e62d9617bf

Request headers

Referer
https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin
https://www.posttoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Thu, 26 Mar 2020 10:19:01 GMT
server
bytex/1.14.0
age
149
etag
"115e0-5a1bf5043cf40"
x-cache
HIT
content-type
application/font-woff
access-control-allow-origin
https://www.posttoday.com
cache-control
max-age=0
x-varnish
279163646 282231159
accept-ranges
bytes
content-length
71136
expires
Tue, 18 Jan 2022 21:03:17 GMT
Prompt-SemiBold.woff
static.posttoday.com/v5/assets/fonts/
72 KB
73 KB
Font
General
Full URL
https://static.posttoday.com/v5/assets/fonts/Prompt-SemiBold.woff
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
caf6402386047d4b5898d99b30bb020045d28a629e678ec91a5c3799dac7275b

Request headers

Referer
https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin
https://www.posttoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Thu, 26 Mar 2020 10:19:03 GMT
server
bytex/1.14.0
age
149
etag
"121e4-5a1bf506253c0"
x-cache
HIT
content-type
application/font-woff
access-control-allow-origin
https://www.posttoday.com
cache-control
max-age=0
x-varnish
281777187 280992186
accept-ranges
bytes
content-length
74212
expires
Tue, 18 Jan 2022 21:03:17 GMT
Prompt-ExtraBold.woff
static.posttoday.com/v5/assets/fonts/
74 KB
74 KB
Font
General
Full URL
https://static.posttoday.com/v5/assets/fonts/Prompt-ExtraBold.woff
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
0686c2e0b058140463ba24aac3cbdb9c8c8b6daba8a56a770f282f37008ca0b9

Request headers

Referer
https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin
https://www.posttoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Thu, 26 Mar 2020 10:18:59 GMT
server
bytex/1.14.0
age
81
etag
"1284c-5a1bf50254ac0"
x-cache
HIT
content-type
application/font-woff
access-control-allow-origin
https://www.posttoday.com
cache-control
max-age=0
x-varnish
280992596 280928550
accept-ranges
bytes
content-length
75852
expires
Tue, 18 Jan 2022 21:04:25 GMT
Prompt-Medium.woff
static.posttoday.com/v5/assets/fonts/
73 KB
74 KB
Font
General
Full URL
https://static.posttoday.com/v5/assets/fonts/Prompt-Medium.woff
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
4247a06a2db9b19dc18c180de3b04c5bb958f333a26761167047f8929cda047c

Request headers

Referer
https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin
https://www.posttoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Thu, 26 Mar 2020 10:19:02 GMT
server
bytex/1.14.0
age
147
etag
"12550-5a1bf50531180"
x-cache
HIT
content-type
application/font-woff
access-control-allow-origin
https://www.posttoday.com
cache-control
max-age=0
x-varnish
279553215 281809688
accept-ranges
bytes
content-length
75088
expires
Tue, 18 Jan 2022 21:03:19 GMT
Prompt-Regular.woff
static.posttoday.com/v5/assets/fonts/
71 KB
72 KB
Font
General
Full URL
https://static.posttoday.com/v5/assets/fonts/Prompt-Regular.woff
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
940910ba244bf102e4c493b9bd17a454beb20a2f68d580407f2b681a3881cca4

Request headers

Referer
https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin
https://www.posttoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Thu, 26 Mar 2020 10:19:02 GMT
server
bytex/1.14.0
age
149
etag
"11dc8-5a1bf50531180"
x-cache
HIT
content-type
application/font-woff
access-control-allow-origin
https://www.posttoday.com
cache-control
max-age=0
x-varnish
280762094 274856724
accept-ranges
bytes
content-length
73160
expires
Tue, 18 Jan 2022 21:03:17 GMT
Flaticon.woff2
static.posttoday.com/v5/assets/fonts/
732 B
1 KB
Font
General
Full URL
https://static.posttoday.com/v5/assets/fonts/Flaticon.woff2
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
97194010d2e42471b725d5b8a229160262765f434b6a0c82165e3ff35554f1eb

Request headers

Referer
https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin
https://www.posttoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Thu, 26 Mar 2020 10:18:57 GMT
server
bytex/1.14.0
age
392
etag
"2dc-5a1bf5006c640"
x-cache
HIT
x-varnish
280958819 280957078
access-control-allow-origin
https://www.posttoday.com
cache-control
max-age=0
accept-ranges
bytes
content-length
732
expires
Tue, 18 Jan 2022 20:59:15 GMT
Prompt-Italic.woff
static.posttoday.com/v5/assets/fonts/
78 KB
78 KB
Font
General
Full URL
https://static.posttoday.com/v5/assets/fonts/Prompt-Italic.woff
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
7efae2eab2d7f14a8938bfc77d598c75534a9a8fdcb60103d5603e12771e68fb

Request headers

Referer
https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin
https://www.posttoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Thu, 26 Mar 2020 10:19:01 GMT
server
bytex/1.14.0
age
12
etag
"13610-5a1bf5043cf40"
x-cache
HIT
content-type
application/font-woff
access-control-allow-origin
https://www.posttoday.com
cache-control
max-age=0
x-varnish
280373562 282069888
accept-ranges
bytes
content-length
79376
expires
Tue, 18 Jan 2022 21:05:34 GMT
advert.gif
code.th.giraff.io/data/
34 B
248 B
Image
General
Full URL
https://code.th.giraff.io/data/advert.gif
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
cf-cache-status
HIT
age
4
cf-polished
origFmt=gif, origSize=43
content-disposition
inline; filename="advert.webp"
content-length
34
last-modified
Thu, 21 Oct 2021 12:25:13 GMT
server
cloudflare
etag
"61715c29-2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 18 Jan 2022 21:06:42 GMT
cache-control
max-age=60
accept-ranges
bytes
cf-ray
6cfac88b6a1d4df4-FRA
cf-bgj
imgq:85,h2pri
bg-wuhan.png
static.posttoday.com/v5/assets/specials/covid19/images/
172 KB
173 KB
Image
General
Full URL
https://static.posttoday.com/v5/assets/specials/covid19/images/bg-wuhan.png
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/specials/covid19/css/style-covid.css?v=1014.029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
59e2112dc4823be587500d697b9a932b0276b440a124606c49db297ca0a6ec5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.posttoday.com/v5/assets/specials/covid19/css/style-covid.css?v=1014.029
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 09 Jun 2020 02:56:30 GMT
server
bytex/1.14.0
age
64
etag
"2b191-5a79ddfccd380"
x-cache
HIT
content-type
image/png
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
281319723 280863133
accept-ranges
bytes
content-length
176529
expires
Thu, 17 Feb 2022 21:04:42 GMT
icon-confirmed.svg
static.posttoday.com/v5/assets/specials/covid19/images/
5 KB
2 KB
Image
General
Full URL
https://static.posttoday.com/v5/assets/specials/covid19/images/icon-confirmed.svg
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/specials/covid19/css/style-covid.css?v=1014.029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
d05513e2959ea11614045121e853a8e882695f0eb5d7291155106f7eec6bdf9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.posttoday.com/v5/assets/specials/covid19/css/style-covid.css?v=1014.029
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
age
481
x-cache
HIT
content-length
1402
access-control-allow-origin
null
last-modified
Fri, 27 Mar 2020 03:57:19 GMT
server
bytex/1.14.0
etag
"1422-5a1ce190a65c0-gzip"
vary
Accept-Encoding
x-varnish
280373542 282068040
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
expires
Wed, 18 Jan 2023 20:57:45 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
124eb255d92ac5357ff4362e843affd06dc1fbebbb4d48346eb909158ba4807b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
Prompt-ExtraLight.woff
static.posttoday.com/v5/assets/fonts/
70 KB
71 KB
Font
General
Full URL
https://static.posttoday.com/v5/assets/fonts/Prompt-ExtraLight.woff
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
d366bf0c07f62d65646fb3634fca7387ff49319dafae9c290685570fd445ba61

Request headers

Referer
https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin
https://www.posttoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Thu, 26 Mar 2020 10:19:00 GMT
server
bytex/1.14.0
age
124
etag
"118f0-5a1bf50348d00"
x-cache
HIT
content-type
application/font-woff
access-control-allow-origin
https://www.posttoday.com
cache-control
max-age=0
x-varnish
282232150 281809880
accept-ranges
bytes
content-length
71920
expires
Tue, 18 Jan 2022 21:03:42 GMT
Prompt-LightItalic.woff
static.posttoday.com/v5/assets/fonts/
76 KB
76 KB
Font
General
Full URL
https://static.posttoday.com/v5/assets/fonts/Prompt-LightItalic.woff
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
3ad2c2c669dba9e4621ac7680295690290253db3d7313241ee068e65684fe0b9

Request headers

Referer
https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin
https://www.posttoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Thu, 26 Mar 2020 10:19:01 GMT
server
bytex/1.14.0
age
431
etag
"12ed8-5a1bf5043cf40"
x-cache
HIT
content-type
application/font-woff
access-control-allow-origin
https://www.posttoday.com
cache-control
max-age=0
x-varnish
279687091 279161996
accept-ranges
bytes
content-length
77528
expires
Tue, 18 Jan 2022 20:58:35 GMT
posttodaycom.js
data.th.giraff.io/track/
80 B
350 B
Script
General
Full URL
https://data.th.giraff.io/track/posttodaycom.js?r=&u=https%3A%2F%2Fwww.posttoday.com%2F&rand=0.15348224053388249&v=1_107_0&vis=1&callback=cbGeo368035580&sp=h
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-posttodaycom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
43.134.100.94 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
6a40a1e04e084b581cd3f4049a011cbad11c6f4d50057fc4b3f8eaa84ddea1be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
fa-solid-900.woff2
static.posttoday.com/v5/assets/fonts/
74 KB
74 KB
Font
General
Full URL
https://static.posttoday.com/v5/assets/fonts/fa-solid-900.woff2
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/all.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Request headers

Referer
https://static.posttoday.com/v5/assets/css/all.min.css
Origin
https://www.posttoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Thu, 26 Mar 2020 10:18:57 GMT
server
bytex/1.14.0
age
108
etag
"127d0-5a1bf5006c640"
x-cache
HIT
x-varnish
279163633 280565369
access-control-allow-origin
https://www.posttoday.com
cache-control
max-age=0
accept-ranges
bytes
content-length
75728
expires
Tue, 18 Jan 2022 21:03:58 GMT
fa-regular-400.woff2
static.posttoday.com/v5/assets/fonts/
13 KB
14 KB
Font
General
Full URL
https://static.posttoday.com/v5/assets/fonts/fa-regular-400.woff2
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/all.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
0fc0a22e5e67c95d02c389a1454acc67df53e2f6a46af739f3eac7e352644751

Request headers

Referer
https://static.posttoday.com/v5/assets/css/all.min.css
Origin
https://www.posttoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Thu, 26 Mar 2020 10:18:56 GMT
server
bytex/1.14.0
age
114
etag
"3510-5a1bf4ff78400"
x-cache
HIT
x-varnish
278803767 278508360
access-control-allow-origin
https://www.posttoday.com
cache-control
max-age=0
accept-ranges
bytes
content-length
13584
expires
Tue, 18 Jan 2022 21:03:52 GMT
fa-brands-400.woff2
static.posttoday.com/v5/assets/fonts/
74 KB
74 KB
Font
General
Full URL
https://static.posttoday.com/v5/assets/fonts/fa-brands-400.woff2
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/all.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843

Request headers

Referer
https://static.posttoday.com/v5/assets/css/all.min.css
Origin
https://www.posttoday.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Thu, 26 Mar 2020 10:18:56 GMT
server
bytex/1.14.0
age
114
etag
"12648-5a1bf4ff78400"
x-cache
HIT
x-varnish
281941131 280565335
access-control-allow-origin
https://www.posttoday.com
cache-control
max-age=0
accept-ranges
bytes
content-length
75336
expires
Tue, 18 Jan 2022 21:03:52 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC65SG8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
280
date
Tue, 18 Jan 2022 21:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 18 Jan 2022 23:01:06 GMT
hotjar-596629.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-596629.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC65SG8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
/
Resource Hash
13ace358b54fba8a340692970cd0b9b7218bae1c2cb543fb44397d857d710268
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
18
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1912
access-control-allow-origin
*
x-cache-hit
1
etag
W/e94d01804b2a54e7e73629da67bb28f2
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
-N5yL0-bHOvDbuvLU9IjijHxdDcEOquUy-qisgHjR2aKZmWlEKx-kA==
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
kTFyZXENS1fzJZUsRq2HT65Q79LT55MEsASbVdhqsWI4scfhbrIlRGN+IyqKDzpVW8JbmwpB7P7kTN2oPf6xXg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 18 Jan 2022 21:05:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ins.js
posttoday.api.useinsider.com/
280 KB
78 KB
Script
General
Full URL
https://posttoday.api.useinsider.com/ins.js?id=10004513
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC65SG8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fffb9e1dd2f4243b5363d2ef1082f5fec14d1fba91bfc396d00c514b9f0a4891

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
br
cf-cache-status
HIT
age
4554
x-amz-request-id
QKJW74GQ9JVC0DZT
x-amz-id-2
X2c879volauWobw/8H9ZFbXhMR5aAylcaUkfOBUBC1GMheppKuQS9Ez1YFtUZ7EwiyKR4Y7onjY=
last-modified
Fri, 14 Jan 2022 10:54:05 GMT
server
cloudflare
etag
W/"748171b93052ac44f903336ca49de6c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=300
x-amz-version-id
1Uf5Yo6YJeorSDWXM7150GRx6wE63Rkq
cf-ray
6cfac88c3c104a7a-FRA
expires
Tue, 18 Jan 2022 21:10:46 GMT
lead-latest.js
cdn.thelead.tech/lead/
10 KB
10 KB
Script
General
Full URL
https://cdn.thelead.tech/lead/lead-latest.js
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.228 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p354-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
0c70dea7f7ae178cc658f383f959806d1c2476ffaaadc90e591a5a542746e306
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
last-modified
Tue, 08 Jun 2021 09:22:42 GMT
etag
"60bf36e2-28da"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
must-revalidate, max-age=3600
accept-ranges
bytes
content-length
10458
pubads_impl_2022011002.js
securepubads.g.doubleclick.net/gpt/
352 KB
118 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 20:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
879
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121009
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Jan 2023 20:51:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
214 B
151 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.posttoday.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8ed1ba4855d6f4da0ac3a8e36ba72de616f5348eee28229eef311e3ac075436b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 21:05:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126
x-xss-protection
0
expires
Tue, 18 Jan 2022 21:05:46 GMT
modules.c89f04abde364444f21e.js
script.hotjar.com/
229 KB
61 KB
Script
General
Full URL
https://script.hotjar.com/modules.c89f04abde364444f21e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-596629.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
fddda23f711f28038cc34b216d5278692a4a93631433d3b90540981d1422e1b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 17:41:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
98680
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
61580
access-control-allow-origin
*
last-modified
Mon, 17 Jan 2022 17:40:09 GMT
etag
"aaca953bf181ec7c714da08b16c0fdbb"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
ZFeolCd4p4nmPYrY0HMlF1TQf3TQtRaGSfVn-M2jtFtdit8k6D9Ppw==
939928879754236
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/939928879754236?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
04b86d6052c47bd4cde8c28ed7169f48081aef36b074fa9e1962665a661c1316
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88863
x-xss-protection
0
pragma
public
x-fb-debug
ulzxumRoEeqLKvRPp3/EmHMKlTWEaLTskmB8cMbLDoCpsGgLhTgsqjZVNlIOOdWyo/HFtZhQk1p2cLkqjYgFbg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 18 Jan 2022 21:05:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
295 B
Image
General
Full URL
https://www.facebook.com/tr/?id=939928879754236&ev=PageView&dl=https%3A%2F%2Fwww.posttoday.com%2F&rl=&if=false&ts=1642539946987&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642539946986.1380906760&it=1642539946930&coo=false&exp=p0&rqm=GET
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 18 Jan 2022 21:05:47 GMT
q0027739.js
lvs.truehits.in.th/dataa/
9 KB
9 KB
Script
General
Full URL
https://lvs.truehits.in.th/dataa/q0027739.js?v=2
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.151.144.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
214.144.151.203.sta.inet.co.th
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7d421659e5dd95ed52e788b547d0aea16ac0a3206a6a563d5d3d1ea4cd711938

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
last-modified
Tue, 18 Jan 2022 21:05:00 GMT
server
nginx/1.14.0 (Ubuntu)
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
cache-control
max-age=180
content-type
application/x-javascript
content-length
9047
expires
Tue, 18 Jan 2022 21:08:47 GMT
recommended_homepage
www.posttoday.com/v5/api_c/
1 KB
1 KB
XHR
General
Full URL
https://www.posttoday.com/v5/api_c/recommended_homepage
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:404:200::32ab , France, ASN16276 (OVH, FR),
Reverse DNS
Software
bytex/1.20.2 /
Resource Hash
60b6eb76373a046ff8b7532d41ca8582ca523461647dcf4ab57789ae2266b939

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.posttoday.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
x-byteark-cache
BYPASS from csw-th-csl-3 hop 3, BYPASS from th-nbi-3bb-01 hop 2, BYPASS from fr-sbg-1 hop 1
content-type
application/json; charset=utf-8
server
bytex/1.20.2
age
3958
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
x-cache
HIT
x-varnish
35719320 32932367
cache-control
max-age=1800, public
x-byteark-reqid
9eec4ff853efb0a5530152fd8337e2b2, 4b10277f2e32bd060fae519a267d5269, 3dfb7cdf7b774ca425aa7869995c5eaf
content-encoding
gzip
expires
Tue, 18 Jan 2022 20:29:48 GMT
truncated
/
463 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa7068b754385abd7b6ab7417cfd1625356653a0b2a939c7aab741a8b3fc659a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
484 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b29eadf4dd579e67e64030c3bac21a6d40eceb42122c67ea046180627dafc1fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
460 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f50f6c1f9d758df436c783d2722089144a04f12c42db8f1829b90263fa625de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
graph.facebook.com/
231 B
640 B
Script
General
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.posttoday.com%2F&callback=_grf_7251104720915977
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-posttodaycom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:110:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
42b5010dcaaaf65c2ca80aede609da2262cd096962f4e2b07da44172a7849be6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004947784
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
175
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
aEaCwUnC8FZT0T6ZsLjFmdpAzqT+WfTFFjOgYsUY+bQofG/5kAU+jnHbA4P6T8LI7ZfzumiuWQ3sYLcuMsNOeg==
x-fb-trace-id
BctB55ZTSkV
date
Tue, 18 Jan 2022 21:05:47 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
ANk-5qIBptiN74fNLnJMRx4
cache-control
no-store
facebook-api-version
v5.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
share.php
vk.com/
21 B
479 B
Script
General
Full URL
https://vk.com/share.php?act=count&url=https%3A%2F%2Fwww.posttoday.com%2F&index=0
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-posttodaycom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx / KPHP/7.4.109926
Resource Hash
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
gzip
x-frontend
front225206
server
kittenx
x-powered-by
KPHP/7.4.109926
strict-transport-security
max-age=15768000
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
41
dk
connect.ok.ru/
25 B
2 KB
Script
General
Full URL
https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fwww.posttoday.com%2F
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-posttodaycom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.155.208 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
ip208.155.odnoklassniki.ru
Software
apache /
Resource Hash
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security max-age=63072000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
br
vary
Accept-Encoding
rendered-blocks
WidgetExtLike
content-security-policy-report-only
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection
1; mode=block
pragma
no-cache
server
apache
strict-transport-security
max-age=63072000;includeSubdomains;preload
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options
nosniff
expires
Mon, 26 Jul 1997 05:00:00 GMT
index.min.js
static.posttoday.com/v5/assets/ads/
8 KB
3 KB
Script
General
Full URL
https://static.posttoday.com/v5/assets/ads/index.min.js?v=1014.029
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
e869100122e225887e2c7a45b0b95cd3a969b084afa234c09fdce8d6810cc72b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
gzip
age
108
x-cache
HIT
content-length
2974
access-control-allow-origin
null
last-modified
Tue, 18 Jan 2022 21:03:58 GMT
server
bytex/1.14.0
etag
W/"218d-5d5e1a2a70a37-gzip"
vary
Accept-Encoding
x-varnish
280992591 280863050
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=0
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 18 Jan 2022 21:03:58 GMT
worker-new.html
posttoday.api.useinsider.com/ Frame 3D62
8 KB
3 KB
Document
General
Full URL
https://posttoday.api.useinsider.com/worker-new.html
Requested by
Host: posttoday.api.useinsider.com
URL: https://posttoday.api.useinsider.com/ins.js?id=10004513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-type
text/html
access-control-allow-origin
*
last-modified
Fri, 14 Jan 2022 04:04:18 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
3084
expires
Thu, 03 Feb 2022 21:05:47 GMT
cache-control
public, max-age=1382400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cfac88dffe14a7a-FRA
content-encoding
br
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.posttoday.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.posttoday.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
481 B
286 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3957716641708108&correlator=3516442852622623&output=ldjh&impl=fifs&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21622890900%3A143557018%2CTH_posttoday.com_res_home_mid2_728x90%2C970x90%2C970x250&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3&prev_iu_szs=728x90%7C970x250%7C970x90&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1642539947&dt=1642539947230&dlt=1642539945190&idt=2002&frm=20&biw=1600&bih=1200&oid=2&adxs=155&adys=3945&adks=1181492040&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.posttoday.com%2F&vis=1&scr_x=0&scr_y=0&psz=1290x20&msz=1290x0&ga_vid=1568850163.1642539947&ga_sid=1642539947&ga_hid=1785313862&ga_fc=false&fws=4&ohw=1290&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
0aac6b47b00a31d9f1bd99ec52be5cf72ce126e1f8cf0d9af67153be9ddab583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.posttoday.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
22 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3957716641708108&correlator=3516442852622623&output=ldjh&impl=fifs&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21622890900%3A143557018%2CTH_posttoday.com_res_home_right_sticky_300x250%2C300x600&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C300x600&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1642539947&dt=1642539947237&dlt=1642539945190&idt=2002&frm=20&biw=1600&bih=1200&oid=2&adxs=1145&adys=5090&adks=22578380&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.posttoday.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=1568850163.1642539947&ga_sid=1642539947&ga_hid=1785313862&ga_fc=false&fws=516&ohw=300&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
47dcdec72c2fe531bdabec9646df1bc91bae6e36d1e096e2708cd3294d2a5a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
213202
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9479
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
327881
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.posttoday.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
22 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3957716641708108&correlator=3516442852622623&output=ldjh&impl=fifs&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21622890900%3A143557018%2CTH_posttoday.com_res_home_right3_300x250%2C300x600&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C300x600&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1642539947&dt=1642539947242&dlt=1642539945190&idt=2002&frm=20&biw=1600&bih=1200&oid=2&adxs=1145&adys=4287&adks=1534290013&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.posttoday.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=1568850163.1642539947&ga_sid=1642539947&ga_hid=1785313862&ga_fc=false&fws=516&ohw=300&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b48061e40613cec2153a7188e2f375e2d69961e382d6d971b53b570277ea9080
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
213202
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9474
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
327881
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.posttoday.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
468 B
279 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3957716641708108&correlator=3516442852622623&output=ldjh&impl=fifs&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21622890900%3A143557018%2CTH_posttoday.com_res_home_right2_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1642539947&dt=1642539947248&dlt=1642539945190&idt=2002&frm=20&biw=1600&bih=1200&oid=2&adxs=1145&adys=3452&adks=1177487403&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.posttoday.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=1568850163.1642539947&ga_sid=1642539947&ga_hid=1785313862&ga_fc=false&fws=4&ohw=300&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e9c27b3534eb83406df60105f6fe4c5a2c5912b37c9f947c564612de5801449d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.posttoday.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
22 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3957716641708108&correlator=3516442852622623&output=ldjh&impl=fifs&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21622890900%3A143557018%2CTH_posttoday.com_res_home_right1_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1642539947&dt=1642539947251&dlt=1642539945190&idt=2002&frm=20&biw=1600&bih=1200&oid=2&adxs=1145&adys=1331&adks=1901929786&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.posttoday.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=1568850163.1642539947&ga_sid=1642539947&ga_hid=1785313862&ga_fc=false&fws=4&ohw=300&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
fc17851a5cf699fc917a45038a3fce45682726d173580071d64d67d19cc4c85e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
213202
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9347
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
327881
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.posttoday.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
50 KB
19 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3957716641708108&correlator=3516442852622623&output=ldjh&impl=fifs&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21622890900%3A143557018%2CTH_posttoday.com_res_home_top1_728x90%2C970x250%2C970x90%2C320x100%2C320x50&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4%2F%2F5&prev_iu_szs=728x90%7C970x250%7C970x90&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1642539947&dt=1642539947253&dlt=1642539945190&idt=2002&frm=20&biw=1600&bih=1200&oid=2&adxs=155&adys=140&adks=2605546845&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.posttoday.com%2F&vis=1&scr_x=0&scr_y=0&psz=1290x20&msz=1290x0&ga_vid=1568850163.1642539947&ga_sid=1642539947&ga_hid=1785313862&ga_fc=false&fws=4&ohw=1290&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
4dcc65c74addb6600f8f6dc79258391f1232120e03e973b400fad09bab3c5228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19755
x-xss-protection
0
google-lineitem-id
5869039674
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377005568
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.posttoday.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9903
6 KB
4 KB
Document
General
Full URL
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 18 Jan 2022 21:05:47 GMT
expires
Wed, 18 Jan 2023 21:05:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
box-21ccaa45726c0f3c8c458f7a87eb2298.html
vars.hotjar.com/ Frame 218D
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-596629.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-117.fra60.r.cloudfront.net
Software
/
Resource Hash
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/

Response headers

content-type
text/html
content-length
1044
date
Mon, 08 Nov 2021 14:05:19 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6a4e2ae376c29011d2e53de65a08d0b7"
last-modified
Tue, 01 Jun 2021 09:17:15 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
8hKQgZoRXEqj7hYFqnmz2MNRq5DRtDpHLksQjTRVhEMxPq10U7Usng==
age
6159628
16425399473284172747a23.cab010a9
segment.api.useinsider.com/v4/segments/
927 B
637 B
XHR
General
Full URL
https://segment.api.useinsider.com/v4/segments/16425399473284172747a23.cab010a9?partnerid=10004513&fields=502ec1422e9be11d76b7a1a8f6a452ce,ac9a10cde36fee9b4d5e3857f8cc16b6&
Requested by
Host: posttoday.api.useinsider.com
URL: https://posttoday.api.useinsider.com/ins.js?id=10004513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69a22727b4179b24b8061b144beb1975a5860f8fed8000080228707674a14ecb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cf-ray
6cfac88eccf62ba1-FRA
/
location.api.useinsider.com/
269 B
478 B
XHR
General
Full URL
https://location.api.useinsider.com/?v=2&pId=10004513&
Requested by
Host: posttoday.api.useinsider.com
URL: https://posttoday.api.useinsider.com/ins.js?id=10004513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3bd4a5471e9cfb88d2638ad0631a774b09937fe39a3e9090082758a1f1ed29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-cache, private
cf-ray
6cfac88ecbf8701b-FRA
content-type
application/json
js
www.google-analytics.com/gtm/
90 KB
36 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-P7KX86V&t=gtm4&cid=1568850163.1642539947
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
caeb4225be380b92f1d7511615621c626c73e03eddab9dfe8bc4c613ab9c8af7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
expires
Tue, 18 Jan 2022 21:05:47 GMT
7258580B60D7AB80FA44F0024AF5F59E_1000.JPG
static.posttoday.com/media/content/2022/01/18/
191 KB
191 KB
Image
General
Full URL
https://static.posttoday.com/media/content/2022/01/18/7258580B60D7AB80FA44F0024AF5F59E_1000.JPG
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
ed343b39aa0f872a793e3b8e4dba08b5dc4349872f180544efe8eb7784c29925

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 18 Jan 2022 07:50:05 GMT
server
bytex/1.14.0
age
30979
etag
"2fb4e-5d5d684708dc6"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
281972534 226141201
accept-ranges
bytes
content-length
195406
expires
Thu, 17 Feb 2022 12:29:28 GMT
1C4ADEA36404627D03B407B9BF9F4831_1000.jpg
static.posttoday.com/media/content/2022/01/18/
152 KB
153 KB
Image
General
Full URL
https://static.posttoday.com/media/content/2022/01/18/1C4ADEA36404627D03B407B9BF9F4831_1000.jpg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
743dffe53c5935232766363ab71dc2b8a37fd2a1dc3931f61f4f54c7e478995a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 18 Jan 2022 11:43:29 GMT
server
bytex/1.14.0
age
591
etag
"2616e-5d5d9c721bdac"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
280762098 281969059
accept-ranges
bytes
content-length
156014
expires
Thu, 17 Feb 2022 20:55:55 GMT
4CD352F17599C3126B522E431F5049F6_1000.jpg
static.posttoday.com/media/content/2022/01/18/
73 KB
73 KB
Image
General
Full URL
https://static.posttoday.com/media/content/2022/01/18/4CD352F17599C3126B522E431F5049F6_1000.jpg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
ea5d0df436659b13843191d1ff57859e2c75117b9332a8afa8e2422001877c99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 18 Jan 2022 11:34:36 GMT
server
bytex/1.14.0
age
591
etag
"12275-5d5d9a760b687"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
278249370 280140882
accept-ranges
bytes
content-length
74357
expires
Thu, 17 Feb 2022 20:55:56 GMT
B123C18F9682C1DC6C4E78EEF10947C5_700.jpg
static.posttoday.com/media/content/2022/01/18/
69 KB
70 KB
Image
General
Full URL
https://static.posttoday.com/media/content/2022/01/18/B123C18F9682C1DC6C4E78EEF10947C5_700.jpg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
937cbe2e073226ee72f9e438b21aa436d03dada97616c56c338cce8414a41827

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 18 Jan 2022 07:07:13 GMT
server
bytex/1.14.0
age
591
etag
"1149e-5d5d5eb250e5b"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
280958821 282034946
accept-ranges
bytes
content-length
70814
expires
Thu, 17 Feb 2022 20:55:56 GMT
A041CBF539533B89478785C68035B276_700.JPG
static.posttoday.com/media/content/2022/01/18/
124 KB
124 KB
Image
General
Full URL
https://static.posttoday.com/media/content/2022/01/18/A041CBF539533B89478785C68035B276_700.JPG
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
e8e3fae3b7c8d4441fed4f4455c9380c03218f82312eeaf4a7bc3ee2b83047da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 18 Jan 2022 09:06:30 GMT
server
bytex/1.14.0
age
43156
etag
W/"1ee1f-5d5d79d32fc4b"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
281941135 209467407
accept-ranges
bytes
content-length
126495
expires
Thu, 17 Feb 2022 09:06:30 GMT
9C48A1DE61DB4A042B3176FB8464B8C2_350.jpeg
static.posttoday.com/media/content/2022/01/18/
9 KB
10 KB
Image
General
Full URL
https://static.posttoday.com/media/content/2022/01/18/9C48A1DE61DB4A042B3176FB8464B8C2_350.jpeg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
6dbe21e988ef4bde9e42b6733d1b28475308c5394eaeb0d19ea3d60f865a54dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 18 Jan 2022 15:58:49 GMT
server
bytex/1.14.0
age
334
etag
"24db-5d5dd584d7ce6"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
281777189 280632477
accept-ranges
bytes
content-length
9435
expires
Thu, 17 Feb 2022 21:00:12 GMT
7FD1B4EB71B486E0784F0EF807DAEE21_350.jpg
static.posttoday.com/media/content/2022/01/18/
20 KB
20 KB
Image
General
Full URL
https://static.posttoday.com/media/content/2022/01/18/7FD1B4EB71B486E0784F0EF807DAEE21_350.jpg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
759322b994d2111aee5195cf737fa1b54bb7c2baea27da20eee169b684591c2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 18 Jan 2022 14:27:05 GMT
server
bytex/1.14.0
age
334
etag
"4ea1-5d5dc103d5c82"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
278803773 281939669
accept-ranges
bytes
content-length
20129
expires
Thu, 17 Feb 2022 21:00:12 GMT
041A516EA900E4A980280FB2A517FC54_350.jpg
static.posttoday.com/media/content/2022/01/18/
44 KB
44 KB
Image
General
Full URL
https://static.posttoday.com/media/content/2022/01/18/041A516EA900E4A980280FB2A517FC54_350.jpg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
95e00d8064f0834cef0741004185456de02ce684fe46ed29d3c798ac66fc394c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 18 Jan 2022 13:55:48 GMT
server
bytex/1.14.0
age
75
etag
"ae1d-5d5dba055b802"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
282232156 280992392
accept-ranges
bytes
content-length
44573
expires
Thu, 17 Feb 2022 21:04:31 GMT
F7411339E9D3CD8D05C0ABDEB064D8D6_350.jpg
static.posttoday.com/media/content/2022/01/18/
48 KB
49 KB
Image
General
Full URL
https://static.posttoday.com/media/content/2022/01/18/F7411339E9D3CD8D05C0ABDEB064D8D6_350.jpg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
e9fa897c6390967a96c17c67575b425662e0d28528d9f4c70a1aa90ea5c9184c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 18 Jan 2022 13:15:42 GMT
server
bytex/1.14.0
age
75
etag
"c121-5d5db10ef06fe"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
281319738 279882062
accept-ranges
bytes
content-length
49441
expires
Thu, 17 Feb 2022 21:04:31 GMT
jquery.min.js
www.settrade.com/script/ Frame C5C2
85 KB
34 KB
Script
General
Full URL
https://www.settrade.com/script/jquery.min.js
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/set.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.141 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 Jul 2018 11:02:28 GMT
server
nginx
etag
W/"86927-1530874948000"
x-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
x-iinfo
9-89545797-89545799 nNNN RT(1642539947316 0) q(0 0 4 -1) r(7 7) U5
x-xss-protection
1; mode=block
cache-control
public, max-age=3600, s-maxage=100, stale-if-error=600
x-cdn
Imperva
jquery.marquee.min.js
www.settrade.com/script/jquery.marquee/1.4.0/ Frame C5C2
6 KB
3 KB
Script
General
Full URL
https://www.settrade.com/script/jquery.marquee/1.4.0/jquery.marquee.min.js
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/set.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.141 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
s /
Resource Hash
2278cada41d2bcc06dfa905b1e859133291c58dc7fb209a57f9f5d02c11a92e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 Oct 2017 11:04:47 GMT
server
s
etag
W/"5638-1507287887000"
x-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
x-iinfo
9-89545800-89545801 pNNN RT(1642539947317 0) q(0 0 4 -1) r(7 7) U5
x-xss-protection
1; mode=block
cache-control
public, max-age=3600, s-maxage=100, stale-if-error=600
x-cdn
Imperva
hit
hit.api.useinsider.com/
16 B
154 B
XHR
General
Full URL
https://hit.api.useinsider.com/hit
Requested by
Host: posttoday.api.useinsider.com
URL: https://posttoday.api.useinsider.com/ins.js?id=10004513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.posttoday.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
request-id
ca42d68f-7e83-4163-b607-5cba5778ff8d
cf-ray
6cfac88f4d16701b-FRA
content-length
16
opt-in-dialog.css
assets.api.useinsider.com/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://assets.api.useinsider.com/css/opt-in-dialog.css
Requested by
Host: posttoday.api.useinsider.com
URL: https://posttoday.api.useinsider.com/ins.js?id=10004513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
br
cf-cache-status
HIT
age
125019
cf-polished
origSize=4371
cf-bgj
minify
pragma
public
last-modified
Fri, 14 Jan 2022 04:04:18 GMT
server
cloudflare
etag
W/"61e0f642-1113"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=259200
cf-ray
6cfac88f7b1f4a7a-FRA
expires
Fri, 21 Jan 2022 21:05:47 GMT
native-push-sdk.js
eitri.api.useinsider.com/static/
10 KB
3 KB
Script
General
Full URL
https://eitri.api.useinsider.com/static/native-push-sdk.js
Requested by
Host: posttoday.api.useinsider.com
URL: https://posttoday.api.useinsider.com/ins.js?id=10004513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2beae6b782df3108556bce9ea486d9199d2ba8a2030b793157671251db626a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
br
cf-cache-status
HIT
age
6846
x-amz-request-id
TBM2AAECM7SVCSAJ
x-amz-id-2
FsnpGotf+XofdQ+gPFtRKq1MMmDQAYUR+TkgiY1gxU9evO8ahCrXF1TNDfFf0bERcQXi4p69qho=
last-modified
Fri, 14 Jan 2022 10:08:13 GMT
server
cloudflare
etag
W/"ffbd6c8a99d7d3d8f9b4a92b11362553"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
x-amz-version-id
6M2THiBr9ub5eCtjSjLcFnf8zqxI5r3Z
cf-ray
6cfac88f7b204a7a-FRA
expires
Tue, 18 Jan 2022 21:10:47 GMT
list
a.giraff.io/rtb/match/
310 B
664 B
XHR
General
Full URL
https://a.giraff.io/rtb/match/list
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-posttodaycom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
195.161.16.148 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
88b64e35a757c98dc1f37c8985aa47ebcc1aa69ef9cb19ae9f71e546dd9e17f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.posttoday.com
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
text/plain; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
visit-data
in.hotjar.com/api/v2/client/sites/596629/
146 B
321 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/596629/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.c89f04abde364444f21e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.125.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-125-250.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e

Request headers

Referer
https://www.posttoday.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1785313862&t=pageview&_s=1&dl=https%3A%2F%2Fwww.posttoday.com%2F&ul=en-us&de=UTF-8&dt=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%A7%E0%B8%B1%E0%B8%99%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%94%E0%B9%88%E0%B8%A7%E0%B8%99%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%82%E0%B8%9E%E0%B8%AA%E0%B8%95%E0%B9%8C%E0%B8%97%E0%B8%B9%E0%B9%80%E0%B8%94%E0%B8%A2%E0%B9%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAAEADQAAAAC~&jid=1913412108&gjid=171778328&cid=1568850163.1642539947&tid=UA-8091193-2&_gid=1396206693.1642539947&_r=1&gtm=2wg1c0KC65SG8&z=772873785
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.posttoday.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.posttoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/
78 KB
26 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/ads/index.min.js?v=1014.029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
caedfb914856a2599d978d3c481f2702a1ef61eebbffc0e7939f0f0f77183e5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26965
x-xss-protection
0
server
sffe
etag
"1106 / 574 of 1000 / last-modified: 1642537328"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 18 Jan 2022 21:05:47 GMT
prebid.js
www.posttoday.com/js/
104 KB
39 KB
Script
General
Full URL
https://www.posttoday.com/js/prebid.js
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/ads/index.min.js?v=1014.029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:404:200::32ab , France, ASN16276 (OVH, FR),
Reverse DNS
Software
bytex/1.20.2 /
Resource Hash
dc12e547af41dc4ef092b0914eda8547959e6ce0300777ddd64b18286cf4ad92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
gzip
age
0
x-byteark-reqid
429ba6309dfe87b2ded505f7660b1d2b, c1c2901049a9e1c209281f6a52f2a9c6
x-cache
HIT
content-length
38970
x-byteark-cache
BYPASS from csw-th-csl-3 hop 2, BYPASS from fr-sbg-1 hop 1
last-modified
Fri, 03 Aug 2018 02:22:41 GMT
server
bytex/1.20.2
etag
"19f41-5727e9a233e40-gzip"
vary
Accept-Encoding
x-varnish
281319748 279163644
via
1.1 varnish (Varnish/5.2)
cache-control
max-age=31557600, public
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 18 Jan 2023 21:05:47 GMT
homepage.json
static.posttoday.com/v5/assets/ads/data//
3 KB
3 KB
XHR
General
Full URL
https://static.posttoday.com/v5/assets/ads/data//homepage.json?v=0.2
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
ebae05c63d00cd09a46fb74fdd63a91785a456f274d530e40db88104d65ffa95

Request headers

Accept
*/*
Referer
https://www.posttoday.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 07 Dec 2021 07:23:23 GMT
server
bytex/1.14.0
age
0
etag
"a14-5d2893fa4c20e"
x-cache
MISS
content-type
application/json
access-control-allow-origin
https://www.posttoday.com
cache-control
max-age=0
x-varnish
280992602
accept-ranges
bytes
content-length
2580
expires
Tue, 18 Jan 2022 21:05:47 GMT
spc.php
ads3.bangkokpost.co.th/www/delivery/
437 B
824 B
Script
General
Full URL
https://ads3.bangkokpost.co.th/www/delivery/spc.php?zones=3040&_=1642539946897
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-221.northern.inet.co.th
Software
nginx/1.10.2 /
Resource Hash
db6f82179e6c8f725b037652e8158bffa2773d0597fa6d7ce31c60bad26f25ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:47 GMT
Content-Encoding
gzip
Server
nginx/1.10.2
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript; charset=UTF-8
Expires
0
spc.php
ads3.bangkokpost.co.th/www/delivery/
437 B
824 B
Script
General
Full URL
https://ads3.bangkokpost.co.th/www/delivery/spc.php?zones=4339&_=1642539946898
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-221.northern.inet.co.th
Software
nginx/1.10.2 /
Resource Hash
7c08cc740031f36f656ada75e3b55e2ae3a6d425ad8ee6b55b42f47d622d807b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:47 GMT
Content-Encoding
gzip
Server
nginx/1.10.2
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript; charset=UTF-8
Expires
0
spc.php
ads3.bangkokpost.co.th/www/delivery/
437 B
823 B
Script
General
Full URL
https://ads3.bangkokpost.co.th/www/delivery/spc.php?zones=3046&_=1642539946899
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-221.northern.inet.co.th
Software
nginx/1.10.2 /
Resource Hash
e6bc0a7e3cf6b1fd55986f9ad51e3fe7dfb22024abb57f44a8bba0a4134d4053

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Content-Encoding
gzip
Server
nginx/1.10.2
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript; charset=UTF-8
Expires
0
spc.php
ads3.bangkokpost.co.th/www/delivery/
437 B
824 B
Script
General
Full URL
https://ads3.bangkokpost.co.th/www/delivery/spc.php?zones=3049&_=1642539946900
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-221.northern.inet.co.th
Software
nginx/1.10.2 /
Resource Hash
f2523dd4429b266013b3b5d0fc456ea7b64e36ddb67b1cc86dbd74c7e2293881

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Content-Encoding
gzip
Server
nginx/1.10.2
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript; charset=UTF-8
Expires
0
spc.php
ads3.bangkokpost.co.th/www/delivery/
437 B
825 B
Script
General
Full URL
https://ads3.bangkokpost.co.th/www/delivery/spc.php?zones=3046&_=1642539946901
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-221.northern.inet.co.th
Software
nginx/1.10.2 /
Resource Hash
723c0214c9a27b0800381189e75efa3e84e570de9c61d7da297fde6bbf3fd9fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 20:56:43 GMT
Content-Encoding
gzip
Server
nginx/1.10.2
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript; charset=UTF-8
Expires
0
spc.php
ads3.bangkokpost.co.th/www/delivery/
437 B
824 B
Script
General
Full URL
https://ads3.bangkokpost.co.th/www/delivery/spc.php?zones=3049&_=1642539946902
Requested by
Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-221.northern.inet.co.th
Software
nginx/1.10.2 /
Resource Hash
62ca4c943f94da8f33430b114464dcb8b4eb167c1c16c226036fdc8b89946de1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Content-Encoding
gzip
Server
nginx/1.10.2
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript; charset=UTF-8
Expires
0
collect
log.api.useinsider.com/v2/
42 B
140 B
Image
General
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5wb3N0dG9kYXkuY29tLyIsInJlZmVyZXIiOiJodHRwczovL3d3dy5wb3N0dG9kYXkuY29tLyIsInVzZXJJZCI6IjE2NDI1Mzk5NDczMjg0MTcyNzQ3YTIzLmNhYjAxMGE5IiwicGxhdGZvcm0iOiJ3ZWIiLCJ0Ijoic3RvcmVMb2ciLCJ0eXBlIjoid2ViUHVzaCIsImxvZ1R5cGUiOiJuYXRpdmUtcGVybWlzc2lvbi1pbXByZXNzaW9uIiwiYnJvd3NlciI6IkNocm9tZSIsImlzTW9iaWxlIjpmYWxzZSwidXNlcklEIjoiMTY0MjUzOTk0NzMyODQxNzI3NDdhMjMuY2FiMDEwYTkiLCJsYW5ndWFnZSI6InRoX1RIIn0%3D&t=w&pn=posttoday
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
6cfac88fec234a7a-FRA
content-length
42
collect
log.api.useinsider.com/v2/
42 B
95 B
Image
General
Full URL
https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5wb3N0dG9kYXkuY29tLyIsInJlZmVyZXIiOiJodHRwczovL3d3dy5wb3N0dG9kYXkuY29tLyIsInVzZXJJZCI6IjE2NDI1Mzk5NDczMjg0MTcyNzQ3YTIzLmNhYjAxMGE5IiwicGxhdGZvcm0iOiJ3ZWIiLCJ0Ijoic3RvcmVMb2ciLCJ0eXBlIjoid2ViUHVzaCIsImxvZ1R5cGUiOiJwdXNoLXJlcXVlc3QiLCJicm93c2VyIjoiQ2hyb21lIiwiaXNNb2JpbGUiOmZhbHNlLCJ1c2VySUQiOiIxNjQyNTM5OTQ3MzI4NDE3Mjc0N2EyMy5jYWIwMTBhOSIsImxhbmd1YWdlIjoidGhfVEgifQ%3D%3D&t=w&pn=posttoday
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
6cfac8903ce14a7a-FRA
content-length
42
/
www.facebook.com/tr/ Frame 4182
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.posttoday.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.posttoday.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Tue, 18 Jan 2022 21:05:47 GMT
collect
stats.g.doubleclick.net/j/
4 B
443 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8091193-2&cid=1568850163.1642539947&jid=1913412108&gjid=171778328&_gid=1396206693.1642539947&_u=aCjAAEACQAAAAC~&z=1568059978
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.posttoday.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 18 Jan 2022 21:05:47 GMT
content-type
text/plain
access-control-allow-origin
https://www.posttoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
s.uuidksinc.net/match/246/
74 B
243 B
Image
General
Full URL
https://s.uuidksinc.net/match/246/?remote_uid=14150766
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
adspend-sync
adx.com.ru/
Redirect Chain
  • https://rtb.com.ru/directadvert-sync?uid=14150766
  • https://rtb.com.ru/sync?noRedirect=&sspKey=52&sspUserID=14150766
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=61e72baba62fbd6799122777&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D61e72baba62fbd6799122777%26r...
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D61e72baba62fbd6799122777%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526...
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=61e72baba62fbd6799122777&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61e72baba62fbd6799122777%26dest%3Dhttps%253A%252F%252Fdmg.d...
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=61e72baba62fbd6799122777&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61e72baba62fbd6799122777%26dest%3Dhttps%253A%252F%252Fdmg....
  • https://x01.aidata.io/0.gif?pid=6472613&id=61e72baba62fbd6799122777&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D61e72baba62fbd6799122777%26i%3D4180148616126991406%26r%...
  • https://x01.aidata.io/0.gif?pid=6472613&id=61e72baba62fbd6799122777&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D61e72baba62fbd6799122777%26i%3D4180148616126991406%26r%...
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=61e72baba62fbd6799122777&i=4180148616126991406&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3...
  • https://dmg.digitaltarget.ru/awg/custom/224/i/i?call_source=awg&a=224&e=61e72baba62fbd6799122777&i=4180148616126991406&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f45...
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=224&ts=6D4YhPcPIs7jn1A7rynv&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100...
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEF2JcJRtpI32PV5nY9IEV8o&ver=1&google_error=&code=224&ts=6D4YhPcPIs7jn1A7rynv&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-...
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=61e72baba62fbd6799122777&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D61e72baba62fbd6799122777%26nc%3D797059816...
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=61e72baba62fbd6799122777&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D61e72baba62fbd6799122777%26nc%3D797059816...
  • https://cm.p.altergeo.ru/spnd?aid=61e72baba62fbd6799122777&nc=7970598166320752486&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D61e72baba62fbd6799122777%26r%3Dhttps%253A%252F%252Fan.yandex.ru...
  • https://cm.p.altergeo.ru/spnd?aid=61e72baba62fbd6799122777&nc=7970598166320752486&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D61e72baba62fbd6799122777%26r%3Dhttps%253A%252F%252Fan.yandex.ru...
  • https://adx.com.ru/adspend-sync?uid=61e72baba62fbd6799122777&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FcLXqJAsreRGVxArzn6LayQ%3Fsign%3D2547136621%26location%3Dhttps%253A%252F%252Fmc.yandex.r...
0
0
Image
General
Full URL
https://adx.com.ru/adspend-sync?uid=61e72baba62fbd6799122777&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FcLXqJAsreRGVxArzn6LayQ%3Fsign%3D2547136621%26location%3Dhttps%253A%252F%252Fmc.yandex.ru%252Fwatch%252F65195605
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Server
188.34.131.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.130.131.34.188.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:49 GMT
Server
nginx/1.16.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://adx.com.ru/adspend-sync?uid=61e72baba62fbd6799122777&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FcLXqJAsreRGVxArzn6LayQ%3Fsign%3D2547136621%26location%3Dhttps%253A%252F%252Fmc.yandex.ru%252Fwatch%252F65195605
Cache-Control
max-age=0, no-cache, no-store
Connection
close
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.cgi
ssp.adriver.ru/cgi-bin/
42 B
201 B
Image
General
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=77&external_id=14150766
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad16.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 21:05:48 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sync.gif
stat.media/counter/
43 B
265 B
Image
General
Full URL
https://stat.media/counter/sync.gif?system=directadvert&ext_uid=14150766
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.162.95.70 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
sm-server1-1.smir12.imcmdb.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:47 GMT
Server
nginx
Content-Type
image/gif
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
expires
0
/
s.uuidksinc.net/match/618/
74 B
242 B
Image
General
Full URL
https://s.uuidksinc.net/match/618/?remote_uid=14150766
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8091193-2&cid=1568850163.1642539947&jid=1913412108&_u=aCjAAEACQAAAAC~&z=781661427
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8091193-2&cid=1568850163.1642539947&jid=1913412108&_u=aCjAAEACQAAAAC~&z=781661427
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
C59F272CB55F8937880763F659249192_350.jpg
static.posttoday.com/media/content/2022/01/18/
54 KB
55 KB
Image
General
Full URL
https://static.posttoday.com/media/content/2022/01/18/C59F272CB55F8937880763F659249192_350.jpg
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-199.northern.inet.co.th
Software
bytex/1.14.0 /
Resource Hash
080836cfc3944eba3c36519331fe51e2268b4e087ccb372d7b60621a5f1a680f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
via
1.1 varnish (Varnish/5.2)
last-modified
Tue, 18 Jan 2022 13:03:49 GMT
server
bytex/1.14.0
age
74
etag
"d8b8-5d5dae6784ce3"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
null
cache-control
max-age=2592000
x-varnish
282202240 280142856
accept-ranges
bytes
content-length
55480
expires
Thu, 17 Feb 2022 21:04:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9EEE
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuE5samTyPqcGvTbKYsG0-JhW6aqT8U1g0ihXf13H3vklQtDUYuEIKsJKAzkn-o_5RbMN_rKARSuK1ry50WtBMDizPwd088Rkj8Yr1yzyk4Z6UDkn5JkipkaTinj7RMpqz0yNasz3yGdylOhI1FP9-VPqoNpghhShVctPRg5hYy4xYR2kMT8XGsT3R46zlRWt0ph79Cl6zAGKCvqB6_5LUeZILe2mYI136NEbm2JPVNY01s29e_B6pTLppDT5NZ3BUCNruKKA4xlTfLuH5XHrp3YmyUO6mA7e38r52rLAHJVVgwGDdEzHPivzXkv2_nVBnob2EDuifKgqiDAIOK0y-neG9gU7Dn8eItOk74038AVjYhNzppOHGWkpHIiFaJD9P59GTbBiZx7g&sai=AMfl-YR5OM-ilr3wnPwMVrb2iAGbqdik2YitXACRQxzFN-8kNijjOtRNye6hEw2_Sx5Cdu-WL07vmr6K-mQe7BmX786o3l-OrQGJ5hxKVSETphgL6VsDSN_gWnhYLQcxmRw&sig=Cg0ArKJSzPp25UfRQ5FVEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 21:05:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 Jan 2022 21:05:47 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 9EEE
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 21:04:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 9EEE
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 21:04:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9EEE
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 21:05:47 GMT
12364622558180580055
tpc.googlesyndication.com/simgad/ Frame 9EEE
99 KB
100 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12364622558180580055
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4d1afe69926429f7b52428ac4df1cf1d174fd32f36de2db11cbcce81e11068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 12:23:08 GMT
x-content-type-options
nosniff
age
31359
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101649
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 03:20:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 18 Jan 2023 12:23:08 GMT
goggen.php
lvs.truehits.in.th/
91 B
393 B
Image
General
Full URL
https://lvs.truehits.in.th/goggen.php?hc=q0027739&rand=316104&bv=0&rf=bookmark&web=wppaF7NHyB9cj/HoOjiD3Q%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=A8816D63.1&fp=d&fv=-&truehitspage=home&truehitsurl=https%3a//www.posttoday.com/
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.151.144.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
214.144.151.203.sta.inet.co.th
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:47 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx/1.14.0 (Ubuntu)
content-type
image/jpeg
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
bulk
connect.thelead.tech/event/
76 B
227 B
XHR
General
Full URL
https://connect.thelead.tech/event/bulk
Requested by
Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.228 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p354-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
17f734d31d3067dc6504e116c3c54906de7a2df387a4ff7f5a5b979228f451fb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.posttoday.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 18 Jan 2022 21:05:48 GMT
vary
Origin
content-length
76
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
truncated
/ Frame 9EEE
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03324c95042788335fe86882b86fba7d9dbdc2fd75b3cd18375245955ea419e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9EEE
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGZtuul2PkfVOimvxG1OQA6o6bhuKYiq8uuGp0o9to8JhI4aHXFn0k5ucVw7N80fu83eFMuHP5_0XJPOmMiE-N-PlAJkvhdG4HMD9UOOi1SxZMSZMlRak0dGFeQsM_FgCNOhabOYyxJ9YsG-VYPMIvycDy8QKX6uGyzgjM1mDsJZ8yRv0bwslEzqcrn1Ced1niqlX_98RGsrJIAhlfIWLPRB_K_TWvXRuAmScwr3Rynes_LMx7m5p8e4wpMz_bvtUabyLKPHLxAAe2OYBfHDEHK4yCfQ4HU-KF2OuW5sHo2_skJAzQHimyNVYmOV6hqwqjal-38yoDMUDZ2cUgeF0EObDyaFhknvv9-AMv9ZLIGg4JeRgCwYOc7C8qNhRB9ZzjyADer0EkERZP&sai=AMfl-YSx5QaWp-d75COqDDzDHf522wMVFavl8YBAAtgd1b8hjkWek0R1MCuzQt-pDZ42uUvQnAPr7Ap94KHTO7P2-SwkSibImOwbMXHKVn_-qZhxBkJAIXu6jnxuyQpMFfc&sig=Cg0ArKJSzDLutoJ2QZNvEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 21:05:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 Jan 2022 21:05:47 GMT
container.html
36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 91A6
6 KB
3 KB
Document
General
Full URL
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 21:05:47 GMT
expires
Wed, 18 Jan 2023 21:05:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lg.php
ads3.bangkokpost.co.th/www/delivery/
43 B
474 B
Image
General
Full URL
https://ads3.bangkokpost.co.th/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3040&loc=https%3A%2F%2Fwww.posttoday.com%2F&cb=e39d656504
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-221.northern.inet.co.th
Software
nginx/1.10.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 20:56:43 GMT
Server
nginx/1.10.2
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Expires
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 91A6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CiGwGqyvnYZesI7-A7_UP28q8yAGeoaGuXKH56P6fA8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEJ4AIAqAMBqgSSAk_QFm8NJxQqHE1yMqRGq4oQsiPJM4Ptc9PICD09oXNj3aJZB6NWoj4czIkXD6tqPRktm0EfulCfxthUYhB2-RfUYXYDS-U1i5O5RY_l2ZNyDW2zmioxf43ftLtwn24jy97GWdjVZ6I6wdfyiq5shJd-MeTAgaO_aQvf35K1dlzLnS6oJEDJYDGAMvG6FbT2uH48kuiut0aN3sNFfcJwDwxj5x6eGOjdkx-wTJKtD4jsTBhZ_3V4MqtGlJx3hlS7b4RSYSQuURKOKVMQs7dHhXvNHFsvkVmzGA0GYJCtuE9WGLLS2MNW6fGdH7rH8m2ekFxul8kPPEtENKY3OTrTKW1cCUBxgmTyt81yIV9jU9pujSDgBAGABtTgktrBt5O_nQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tMzk1MDAwMTI0MTEwMjM5NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MDU4MjkxODU0NDQzODgxGLbXaQ&sigh=ZflgrrozUPc&uach_m=[UACH]&cid=CAQSPwCNIrLMIOHJNs6OLKX5bXtaQcLNR5Ob_LPE82OMlyPZdasEvzkslsg5Tpc33oXvzNkHtV_3q7c80BYZ_k1LERgB
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

/
track.adform.net/adfscript/ Frame 91A6
985 B
1 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=52550204;rtbwp=YecrqwAAAAAl3kPyYXizlOwk8h5XVs3hGETazA;rtbdata=ZC5IS7hTs1UpvKolT9A-TZz_fA2IM2lDnouRghVXPdQjJoHoECkZG6AJkylqFuLQx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIzVP0uF5Hjl1hTw1GvQ2tdCbFRENHiuxXOIaBd2_viO3sKnsHI4BWJthZmC2sBxDE8VAsxVvZrpaKDQaY0U8xKDRBBMYXLfYQxwcXYCCQ9E_xNuTKE8DEq8xOP7EGRkIKg1
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8557e86b3890a73d9a5e6be2b9600a1062f68bef4ceb087d96c84f9450aab738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
844
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 91A6
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 21:04:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 91A6
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 21:05:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 91A6
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 20:59:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
403
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 20:59:05 GMT
l
www.google.com/ads/measurement/ Frame 91A6
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmtdQaPUxIqQYlsxk_RUw_tmgR9acXLmhXL4nm7Hv-T-4osEKFbU3e--es9BlEAVx_crB0zrbP8rfUa0DkoQG9Y7MXgA
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 91A6
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 08:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 16 Jan 2023 08:52:55 GMT
v1
a4525.casalemedia.com/impression/ Frame 91A6
43 B
303 B
Image
General
Full URL
https://a4525.casalemedia.com/impression/v1?bidID=5b362007-2e9b-4418-86a2-0856535dcf99&traceID=c7jinas7jf0c4rfhjlvg&dspID=111&userID=&cmpro=0&ap=YecrqwAI1hcIu8A_AA8lW9d7e0W5s0CxBr0b9A
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.63.117 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
43
Expires
0
lg.php
ads3.bangkokpost.co.th/www/delivery/
43 B
474 B
Image
General
Full URL
https://ads3.bangkokpost.co.th/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=4339&loc=https%3A%2F%2Fwww.posttoday.com%2F&cb=060f31dc9f
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-221.northern.inet.co.th
Software
nginx/1.10.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 20:56:43 GMT
Server
nginx/1.10.2
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Expires
0
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 91A6
33 KB
16 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52550204;rtbwp=YecrqwAAAAAl3kPyYXizlOwk8h5XVs3hGETazA;rtbdata=ZC5IS7hTs1UpvKolT9A-TZz_fA2IM2lDnouRghVXPdQjJoHoECkZG6AJkylqFuLQx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIzVP0uF5Hjl1hTw1GvQ2tdCbFRENHiuxXOIaBd2_viO3sKnsHI4BWJthZmC2sBxDE8VAsxVvZrpaKDQaY0U8xKDRBBMYXLfYQxwcXYCCQ9E_xNuTKE8DEq8xOP7EGRkIKg1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0ae298f2509111b6eff0a258cb53fafcd63adbacfef38e453f46d7ff50edc24e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 09:30:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jan 2022 00:23:53 GMT
lg.php
ads3.bangkokpost.co.th/www/delivery/
43 B
474 B
Image
General
Full URL
https://ads3.bangkokpost.co.th/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3046&loc=https%3A%2F%2Fwww.posttoday.com%2F&cb=02c2b5ec80
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-221.northern.inet.co.th
Software
nginx/1.10.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Server
nginx/1.10.2
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Expires
0
lg.php
ads3.bangkokpost.co.th/www/delivery/
43 B
474 B
Image
General
Full URL
https://ads3.bangkokpost.co.th/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3049&loc=https%3A%2F%2Fwww.posttoday.com%2F&cb=b192e03f14
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-221.northern.inet.co.th
Software
nginx/1.10.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Server
nginx/1.10.2
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Expires
0
/
track.adform.net/adfserve/ Frame 91A6
4 KB
2 KB
Script
General
Full URL
https://track.adform.net/adfserve/?bn=52550204;rtbwp=YecrqwAAAAAl3kPyYXizlOwk8h5XVs3hGETazA;rtbdata=ZC5IS7hTs1UpvKolT9A-TZz_fA2IM2lDnouRghVXPdQjJoHoECkZG6AJkylqFuLQx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIzVP0uF5Hjl1hTw1GvQ2tdCbFRENHiuxXOIaBd2_viO3sKnsHI4BWJthZmC2sBxDE8VAsxVvZrpaKDQaY0U8xKDRBBMYXLfYQxwcXYCCQ9E_xNuTKE8DEq8xOP7EGRkIKg1;js=1;adfxid=1x;802;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.posttoday.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6c351f8b5cd5a563fa276a1b53019b7106cff76a3848fc19afe7c70557fef72c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2115
expires
-1
usermatch
ssum-sec.casalemedia.com/ Frame 0BCF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a71c5d2661067b10e96657767a63593233359e7781808b1ad2306319ebf396d9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|45|241|4|218|195|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 18 Jan 2022 21:05:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Content-Length
1691
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
364
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 18 Jan 2022 21:05:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Connection
keep-alive
truncated
/ Frame 91A6
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa09ce28d84010fe16efdc80d9585cb45345a1cb5f644685b1adb7978594284

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
lg.php
ads3.bangkokpost.co.th/www/delivery/
43 B
474 B
Image
General
Full URL
https://ads3.bangkokpost.co.th/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3046&loc=https%3A%2F%2Fwww.posttoday.com%2F&cb=93b234476a
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-221.northern.inet.co.th
Software
nginx/1.10.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 20:56:43 GMT
Server
nginx/1.10.2
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Expires
0
lg.php
ads3.bangkokpost.co.th/www/delivery/
43 B
474 B
Image
General
Full URL
https://ads3.bangkokpost.co.th/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3049&loc=https%3A%2F%2Fwww.posttoday.com%2F&cb=ebfdee1929
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-37-221.northern.inet.co.th
Software
nginx/1.10.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Server
nginx/1.10.2
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Expires
0
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 91A6
85 KB
37 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0808dc2d2a687e420d40b158c5f88ff5241c36d014c36ee586744cfb9c5ed47e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 09:30:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jan 2022 00:23:53 GMT
container.html
36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EA87
6 KB
3 KB
Document
General
Full URL
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 21:05:47 GMT
expires
Wed, 18 Jan 2023 21:05:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame 0BCF
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YecrrDauzNAk6TGVDp7kCAAABKIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0BCF
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 0BCF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YecrrDauzNAk6TGVDp7kCAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL_Wuz8ClAFiFDL0HkgokBs&google_cver=1&gdpr=1
43 B
1000 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL_Wuz8ClAFiFDL0HkgokBs&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 Jan 2022 21:05:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL_Wuz8ClAFiFDL0HkgokBs&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0BCF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrDauzNAk6TGVDp7kCAAABKIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrDauzNAk6TGVDp7kCAAABKIAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrDauzNAk6TGVDp7kCAAABKIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GWEQWPZXH7W068MQ0DFW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
B9ZPKC5VPW2GE72552DN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrDauzNAk6TGVDp7kCAAABKIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0BCF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4587394172656973229
43 B
992 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4587394172656973229
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 Jan 2022 21:05:48 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4587394172656973229
pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ibs:dpid=23728&dpuuid=YecrrDauzNAk6TGVDp7kCAAA%261186
dpm.demdex.net/ Frame 0BCF
0
0
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YecrrDauzNAk6TGVDp7kCAAA%261186?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.89.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-89-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

crum
dsum-sec.casalemedia.com/ Frame 0BCF
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1e960894-312e-4e64-b61a-03bead310d07
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1e960894-312e-4e64-b61a-03bead310d07
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 Jan 2022 21:05:48 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1e960894-312e-4e64-b61a-03bead310d07
date
Tue, 18 Jan 2022 21:05:48 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 0BCF
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 18 Jan 2022 21:05:48 GMT

Redirect headers

date
Tue, 18 Jan 2022 21:05:48 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 0BCF
43 B
424 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YecrrDauzNAk6TGVDp7kCAAABKIAAAIB?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 21:05:48 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=703
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 Jan 2022 21:17:31 GMT
/
track.adform.net/csimpr/ Frame 91A6
35 B
502 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=52550204&csi=ZMIkxzdTgv4G6vwNu9WM6r6e9s9h5UTYSuJRXiRrDMrZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
45677497.jpg
s1.adform.net/Banners/45677497/ Frame 91A6
111 KB
111 KB
Image
General
Full URL
https://s1.adform.net/Banners/45677497/45677497.jpg?bv=2
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
937927d6124a09f1a7656added4230dd9cf88737328a6fae28699885d567180a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
last-modified
Thu, 03 Jun 2021 09:19:20 GMT
server
nginx
etag
"60b89e98-1bbe3"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
113635
adview
securepubads.g.doubleclick.net/pagead/ Frame EA87
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWwssrCvnYZTuCPXE7_UPlPm2oAyeoaGuXKH56P6fA8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEJ4AIAqAMBqgSMAk_QMvtKAYN5pd9o7vPSSv2R0HIvJqsK_z-z5yyiumEvWOH7GpyXCph4Ne2XjxMb7610ZhnRNuhPhmq1Xfnqyx4P92Gmz-ALcoo2vw9xq3PQZq_7zZRi1mVsPSzsITvBkHMk6-O906TZi9VMp3EUJWIBbclklC0mNHso6vCYxRv1sI_2aiUqktAB3MsjYu6-FlVAO7EqMMSDK3sN0P7aUqIq0SYTimCTmyprDu_eUjmswHJ7xt39YLEv9tOW_qmqFQyVko4oHMI7CupmO6qkwlkJEl-VhxBPlfU8R4NjKc8u1_0ukjUllO6dUJLEIQMRgAvLj-4024tj2gBTbbzGRtLgdZB8IocoZkZKWYDgBAGABpeOwYHg8Zvy6gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tMzk1MDAwMTI0MTEwMjM5NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MDU4MjkxODU0NDQzODgxGLbXaQ&sigh=q8d29qu5Vko&uach_m=[UACH]&cid=CAQSPwCNIrLMGNVwU4hDGXZUTYrBESdd-pQ0clROVUH5gHou1VtnlLPUmPPd_XBPvohl5Pr2bHppWw2X7XAW5XtPCBgB
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

/
track.adform.net/adfscript/ Frame EA87
985 B
1 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=46688784;rtbwp=YecrrAAAAABRQYyMcvQN7B5Q0L4ohcogkhq3aQ;rtbdata=JmhGGE0Ooy6TJg4PjleCggplbwBJ9k9VzDccunp2FXNKNEBR4U0FOihw14NzioABx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIxSi6TNO92Jf4LegWiHe9xWbFRENHiuxXNDPVhGiOc9nEkxemj4r4LidAf4LW3atxd5OpygTe6no-EKCLn4n2hzFc-lf_X3KyWF7U-ypQEW5SeheoegvN1zZPSVCRcBPzE1
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a77d58bfbdd158e9707d0b942136a011f5c859f4bf4320202fab4187e3ca5222
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
830
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame EA87
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 21:04:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA87
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 21:05:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame EA87
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 20:59:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
403
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 20:59:05 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame EA87
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 08:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 16 Jan 2023 08:52:55 GMT
v1
a2170.casalemedia.com/impression/ Frame EA87
43 B
303 B
Image
General
Full URL
https://a2170.casalemedia.com/impression/v1?bidID=4d469093-c558-456c-a780-0a09fb884084&traceID=c7jinb4vhqeqqg7a82ag&dspID=111&userID=&cmpro=0&ap=YecrrAACNxQIu-J1AA28lNOk6b974y4g1B_2RA
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.201 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
43
Expires
0
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame EA87
33 KB
16 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=46688784;rtbwp=YecrrAAAAABRQYyMcvQN7B5Q0L4ohcogkhq3aQ;rtbdata=JmhGGE0Ooy6TJg4PjleCggplbwBJ9k9VzDccunp2FXNKNEBR4U0FOihw14NzioABx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIxSi6TNO92Jf4LegWiHe9xWbFRENHiuxXNDPVhGiOc9nEkxemj4r4LidAf4LW3atxd5OpygTe6no-EKCLn4n2hzFc-lf_X3KyWF7U-ypQEW5SeheoegvN1zZPSVCRcBPzE1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0ae298f2509111b6eff0a258cb53fafcd63adbacfef38e453f46d7ff50edc24e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 09:30:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jan 2022 00:23:53 GMT
/
track.adform.net/adfserve/ Frame EA87
4 KB
2 KB
Script
General
Full URL
https://track.adform.net/adfserve/?bn=46688784;rtbwp=YecrrAAAAABRQYyMcvQN7B5Q0L4ohcogkhq3aQ;rtbdata=JmhGGE0Ooy6TJg4PjleCggplbwBJ9k9VzDccunp2FXNKNEBR4U0FOihw14NzioABx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIxSi6TNO92Jf4LegWiHe9xWbFRENHiuxXNDPVhGiOc9nEkxemj4r4LidAf4LW3atxd5OpygTe6no-EKCLn4n2hzFc-lf_X3KyWF7U-ypQEW5SeheoegvN1zZPSVCRcBPzE1;js=1;adfxid=2x;1847;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.posttoday.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6bd0e53aac407c10a77677e80a7d7ae04720dc3893cdf6676791a1817c2bb179
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2094
expires
-1
usermatch
ssum-sec.casalemedia.com/ Frame EEA4
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b2c6b887bc0a62c9d7c18a8c44b4888f31a896e29bad54c722338529c1194b66

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|206|88|40|241|81|190
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 18 Jan 2022 21:05:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Content-Length
1724
Connection
keep-alive
placementbid.json
an.facebook.com/v2/
0
0

prebid
ib.adnxs.com/ut/v3/
21 KB
7 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7e01190ab4196a6f99b457959c6c7a6c0517d0bb12a8de5ae1066b7588c15443
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.posttoday.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 18 Jan 2022 21:05:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
981f91cb-c8b7-4ff8-8e43-3ccf8d49f661
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.posttoday.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame EA87
85 KB
37 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0808dc2d2a687e420d40b158c5f88ff5241c36d014c36ee586744cfb9c5ed47e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 09:30:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jan 2022 00:23:53 GMT
getuid
secure.adnxs.com/ Frame EEA4
0
0
Image
General
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

YecrrDauzNAk6TGVDp7kCAAABKIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EEA4
43 B
872 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YecrrDauzNAk6TGVDp7kCAAABKIAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sync
ups.analytics.yahoo.com/ups/55940/ Frame EEA4
0
124 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YecrrDauzNAk6TGVDp7kCAAABKIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame EEA4
0
0

dcm
s.amazon-adsystem.com/ Frame EEA4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrDauzNAk6TGVDp7kCAAABKIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrDauzNAk6TGVDp7kCAAABKIAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrDauzNAk6TGVDp7kCAAABKIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
V89TGETMEWC2WD86W6A1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
S57VSRCG1Q5TRSZM6M7B
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrDauzNAk6TGVDp7kCAAABKIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EEA4
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=mbo_kp3pO8aC6jucmu13kJizO8eCs2_DzbMZi7M2
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=mbo_kp3pO8aC6jucmu13kJizO8eCs2_DzbMZi7M2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 Jan 2022 21:05:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=mbo_kp3pO8aC6jucmu13kJizO8eCs2_DzbMZi7M2
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
getuid
ib.adnxs.com/ Frame EEA4
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

htw-pixel.gif
js-sec.indexww.com/ht/ Frame EEA4
43 B
424 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YecrrDauzNAk6TGVDp7kCAAABKIAAAIB?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 21:05:48 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=703
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 Jan 2022 21:17:31 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame F521
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B
Document
General
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.237.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-237-203.compute-1.amazonaws.com
Software
/
Resource Hash
43b601d2ebea5a69a4cceeef8ddb1f5d0125104d4d6fad0a67f7f2feeaf96ded

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Tue, 18 Jan 2022 21:05:49 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Tue, 18 Jan 2022 21:05:49 GMT
pragma
no-cache

Redirect headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
truncated
/ Frame EA87
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b82c1e0fe152ac3905e337f6f07b0687976dd355ec45947d860c658c98fd7ef9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/csimpr/ Frame EA87
35 B
502 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=46688784&csi=OPM-12t_CLm8ZqaXDGNvlBmD2BLkvxa5KlSJg7tudinZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
50911081.jpg
s1.adform.net/Banners/50911081/ Frame EA87
56 KB
56 KB
Image
General
Full URL
https://s1.adform.net/Banners/50911081/50911081.jpg?bv=1
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
78410e5eb70b4e9990d945c187a14f72c3e120095cd6a98854686954c358ac73
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
last-modified
Mon, 17 Jan 2022 15:42:50 GMT
server
nginx
etag
"61e58e7a-df0c"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
57100
container.html
36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4DAF
6 KB
3 KB
Document
General
Full URL
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 21:05:47 GMT
expires
Wed, 18 Jan 2023 21:05:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 4DAF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5LTarCvnYYGXE6iF9u8PkeCHyASeoaGuXKH56P6fA8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEJ4AIAqAMBqgSYAk_QpTfbe93wUvpyr_S96MLvIMQ1rtNdADueaVTVtXY7xkLU-2DA-77E1BWRpB-SRTP9_BisHRWsyGp6FCrh3ugY0I_xsMHwC7b0PgbhIpxRRMJH00vYc1CiQfPls9zJydTzS5FWkE8hvOpo7LZvmTFpfoh-ZnYzFVt53XupuHpQaf6NEVKrFmCBFDDInRNuBoH3wsoUrZXacyy4wJJgdpLEpAZxORmKG-F4Og9X-GOH56VN145akTQ8xKNyezSFFRKoTlkv1xulc2NPVEZKrw11vbGjHJg2L2m3tBNWudA6KxQKgFv_cxxl8CJxDgQevMJRG38aPqnn7Wad0KTQ0rCsAxyNvDJ97dshlonamUlcQZOgdly8vdPgBAGABtTgktrBt5O_nQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tMzk1MDAwMTI0MTEwMjM5NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MDU4MjkxODU0NDQzODgxGLbXaQ&sigh=CkdPnozfD-o&uach_m=[UACH]&cid=CAQSPwCNIrLMIVIZbKl5v7bCK-Xk22dav1YYOY3mfICxqJjuc05Xmv3ccQEMiydJECe-jUWLzblbeX4qsm1m80CDQRgB
Requested by
Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

/
track.adform.net/adfscript/ Frame 4DAF
985 B
1 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=46688786;rtbwp=YecrrAAAAABQ1OO-EDPOXr-sGE0bD8ttlHsKUw;rtbdata=CNGpXbKEHMnk667M5b9cwJu9rMFJZ4UQR0Scl7XTCnt3ySC4Im4Y3xtBo-ADrQU0x-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIyzpDgWf2JNXIIGNGbdBCMPbFRENHiuxXPXPcL1fSee_Ekxemj4r4LigpXK7F7uviV5OpygTe6no-EKCLn4n2hzFc-lf_X3KyWF7U-ypQEW5SeheoegvN1zZPSVCRcBPzE1
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d141c7633e814d949724827dc300d3b44f69f953edb58cda1b5007aab9c0ccf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
836
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 4DAF
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 21:04:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4DAF
121 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 21:05:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 4DAF
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 20:59:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
403
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 20:59:05 GMT
l
www.google.com/ads/measurement/ Frame 4DAF
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRs3KPGqRP9DEHIvDTktS4kZtn6PoLuzqBHSwdHhcyjTjbiO-xZMQtCgP6gkxjN4fJkVggy_Sn7GriYBveyYD6sc5_J-g
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4DAF
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 08:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 16 Jan 2023 08:52:55 GMT
v1
a4496.casalemedia.com/impression/ Frame 4DAF
43 B
303 B
Image
General
Full URL
https://a4496.casalemedia.com/impression/v1?bidID=b5c64708-44cc-4945-8b26-7d3647549ef3&traceID=c7jinb0u0igvr4kg6l20&dspID=111&userID=&cmpro=0&ap=YecrrAAEy4EH_YKoAAHwEWNWiw_ZeTECUbwW6A
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.63.88 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
43
Expires
0
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 4DAF
33 KB
16 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=46688786;rtbwp=YecrrAAAAABQ1OO-EDPOXr-sGE0bD8ttlHsKUw;rtbdata=CNGpXbKEHMnk667M5b9cwJu9rMFJZ4UQR0Scl7XTCnt3ySC4Im4Y3xtBo-ADrQU0x-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIyzpDgWf2JNXIIGNGbdBCMPbFRENHiuxXPXPcL1fSee_Ekxemj4r4LigpXK7F7uviV5OpygTe6no-EKCLn4n2hzFc-lf_X3KyWF7U-ypQEW5SeheoegvN1zZPSVCRcBPzE1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0ae298f2509111b6eff0a258cb53fafcd63adbacfef38e453f46d7ff50edc24e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 09:30:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jan 2022 00:23:53 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9EEE
42 B
497 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvT872UY7swA-9ofCN2VprURqCozySJL0mBq-ItEg99wotb0KJ9wLmMKeMRmUVc4dckHBHIMO_ee2g8gbiXvx0KNVMWy4Clr0vy16gfv-U3ths1Mcv5&sig=Cg0ArKJSzIsZn1r1oaWtEAE&id=lidar2&mcvt=1000&p=140,200,390,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220112&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2605546845&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642539947632&rpt=221&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.posttoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfserve/ Frame 4DAF
4 KB
2 KB
Script
General
Full URL
https://track.adform.net/adfserve/?bn=46688786;rtbwp=YecrrAAAAABQ1OO-EDPOXr-sGE0bD8ttlHsKUw;rtbdata=CNGpXbKEHMnk667M5b9cwJu9rMFJZ4UQR0Scl7XTCnt3ySC4Im4Y3xtBo-ADrQU0x-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIyzpDgWf2JNXIIGNGbdBCMPbFRENHiuxXPXPcL1fSee_Ekxemj4r4LigpXK7F7uviV5OpygTe6no-EKCLn4n2hzFc-lf_X3KyWF7U-ypQEW5SeheoegvN1zZPSVCRcBPzE1;js=1;adfxid=3x;1484;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.posttoday.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4efbf9a1c9048a2c0582bd04e04aff9160f5150af810909a43ac1b0e8369a391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2109
expires
-1
usermatch
ssum-sec.casalemedia.com/ Frame FA87
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4f2de5403c9f97ef4f22ff1ab7a0dcc34a6a19d8326c300b976fc7091a723c6e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|88|3|221|65|39|156
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 18 Jan 2022 21:05:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:48 GMT
Content-Length
1673
Connection
keep-alive
YecrrDauzNAk6TGVDp7kCAAABKIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FA87
43 B
874 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YecrrDauzNAk6TGVDp7kCAAABKIAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame FA87
0
0
Image
General
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame FA87
0
0

crum
dsum-sec.casalemedia.com/ Frame FA87
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=19d261e7-2bac-4500-97fe-4eabb68131f6&gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=19d261e7-2bac-4500-97fe-4eabb68131f6&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 Jan 2022 21:05:49 GMT

Redirect headers

Date
Tue, 18 Jan 2022 21:05:48 GMT
Server
MT3 4133 baa842e master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=19d261e7-2bac-4500-97fe-4eabb68131f6&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 18 Jan 2022 21:05:47 GMT
tpid=YecrrDauzNAk6TGVDp7kCAAA%261186
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame FA87
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YecrrDauzNAk6TGVDp7kCAAA%261186?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YecrrDauzNAk6TGVDp7kCAAA%261186?gdpr_consent=&us_privacy=&gdpr=1
49 B
265 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YecrrDauzNAk6TGVDp7kCAAA%261186?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H2
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:49 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.13.203
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:49 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YecrrDauzNAk6TGVDp7kCAAA%261186?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.1.63
content-length
0
expires
0
rum
dsum.casalemedia.com/ Frame FA87
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1642626348&gdpr=1
43 B
315 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1642626348&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 18 Jan 2022 21:05:49 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1642626348&gdpr=1
pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
casale
match.adsrvr.org/track/cmf/ Frame FA87
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cookiesync
bttrack.com/pixel/ Frame FA87
35 B
380 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:49 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame FA87
43 B
424 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YecrrDauzNAk6TGVDp7kCAAABKIAAAIB?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 21:05:48 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=703
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 Jan 2022 21:17:31 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 4DAF
85 KB
37 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0808dc2d2a687e420d40b158c5f88ff5241c36d014c36ee586744cfb9c5ed47e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 09:30:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jan 2022 00:23:53 GMT
truncated
/ Frame 4DAF
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bce6f83156f4ce37fda3747516f403a5366aea995f9fb6c108669dd1ae519a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/csimpr/ Frame 4DAF
35 B
502 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=46688786&csi=RzsYUG6wDcMzHNNntGC_UqHJs5h3GjanKlSJg7tudinZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:49 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
50911082.jpg
s1.adform.net/Banners/50911082/ Frame 4DAF
134 KB
134 KB
Image
General
Full URL
https://s1.adform.net/Banners/50911082/50911082.jpg?bv=1
Requested by
Host: 36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
URL: https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
865117fac8df4908c1aab26e21e0d6fe0b1f5a660ed3e3ca3c79399816c76496
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 21:05:48 GMT
last-modified
Mon, 17 Jan 2022 15:43:58 GMT
server
nginx
etag
"61e58ebe-21769"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
137065
crum
dsum-sec.casalemedia.com/ Frame F521
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=93e2719f-a3a6-4dc0-9838-166bb9767164&expiration=1650315949
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 21:05:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 Jan 2022 21:05:49 GMT
/
track.adform.net/serving/unload/ Frame 91A6
35 B
502 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@52550204,4371663754565992485,0|0|0|0|0|0|0|0|0||0|1|1538|86c7f587-13d9-4b4b-9b63-86e559c30b84_1|||1|0|0|qr6k3o8tYPvi5nP9TebYOumn3tQYot-A0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:53 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame EA87
35 B
493 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@46688784,2198923456791214980,0|0|0|0|0|0|0|0|0||0|1|1538|75140b04-5b70-4852-895c-72b26e3ae301_1|||1|0|0|pSWgDinGSOri5nP9TebYOumn3tQYot-A0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:53 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 4DAF
35 B
502 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@46688786,8109340894132735590,0|0|0|0|0|0|0|0|0||0|1|1538|2aa364c1-9e96-47fd-a5b0-6d9c5240a230_1|||1|0|0|zlHfzOYGBmPi5nP9TebYOumn3tQYot-A0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 21:05:54 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
an.facebook.com
URL
https://an.facebook.com/v2/placementbid.json?placementids[]=791835647872509_791842231205184&placementids[]=791835647872509_1115550792167658&placementids[]=791835647872509_1115549222167815&adformats[]=300x250&adformats[]=300x250&adformats[]=300x250&testmode=false&pageurl=&sdk[]=5.5.web&sdk[]=5.5.web&sdk[]=5.5.web&pbv=1.10.0
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| googletag object| sas object| adloox_pubint function| startAnymindTS object| anymindTS object| dataLayer string| base_url_asset string| g_theme_color string| content_id object| ptConfig number| _pt_lt object| _pt_sp_2 number| edc7uo string| __ptengine number| _pt_hb_interval boolean| giraffDebugInit object| giraff function| grf_change_article function| grf_run_widget object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| regeneratorRuntime function| cbGeo368035580 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| fbq function| _fbq object| script function| $ function| jQuery object| lazySizes object| bootstrap object| ggeac object| google_js_reporting_queue object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules string| __INSIDER_SCRIPT_VERSION_posttoday__ object| g_gdpr object| g_homepagelanding object| g_maintenance object| g_survey object| g_event object| g_father_day object| g_bajrakitiyabha object| g_sirivannavari object| g_dipangkorn object| g_queen_rama_10 function| isEmail function| escape_html function| imgError function| popitup function| share_social function| dateDiffInDays function| shuffle function| supportsWebp function| parseUri function| getTruehitsName function| decode function| set_active_menu function| add_param_to_url function| is_found_str_meta_keyword function| getCxenseExcludeArticleID function| _getDataCID string| __th_page object| lazySizesConfig string| url_get string| output_recommended undefined| _grf_7251104720915977 undefined| VK undefined| ODKL function| pm function| sQuery object| spApi object| Insider undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| gaplugins object| gaData boolean| insiderOptInOverlayIsActive string| insiderOptInOverlayMessage boolean| insiderOptInInstructionMessageIsActive string| insiderOptInInstructionImage string| insiderOptInInstructionMessage object| google_optimize number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| resultUnits object| adUnits object| dataAds string| device object| slot object| pbjs string| page string| sub_page string| _device function| reloadAds function| getsize function| buildAds function| fillElementWithAd function| initAdserver function| zone_Adve object| adz function| genAds string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc string| truehitsurl number| VisitorT number| onSeconds string| p_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Flv function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp number| __thflag string| udf string| arg string| _narg string| rf string| truehitsurl_top undefined| _norec string| th_rand object| truehits_div undefined| th_img undefined| th_link function| lead function| pbjsChunk object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync object| ampInaboxIframes object| ampInaboxPendingMessages object| OA_output

53 Cookies

Domain/Path Name / Value
.posttoday.com/ Name: pt_37jtdo74
Value: uid=7/Z/pz0frDO-kvrAR-fJJQ&nid=1&vid=1TPf1ZJid6sMXxUKD9W3IA&vn=1&pvn=1&sact=1642539946632&to_flag=0&pl=dOhQAhMg2VPLKlJNP0SUdw*pt*1642539946632
.posttoday.com/ Name: pt_s_37jtdo74
Value: vt=1642539946632&cad=
www.posttoday.com/ Name: _grf_vis
Value: 1
.posttoday.com/ Name: _fbp
Value: fb.1.1642539946986.1380906760
.vk.com/ Name: remixlang
Value: 6
.posttoday.com/ Name: _ga
Value: GA1.2.1568850163.1642539947
.posttoday.com/ Name: _gid
Value: GA1.2.1396206693.1642539947
.th.giraff.io/ Name: gid
Value: rBYQBWHnK6tZ2jXeA9rvAg==
.posttoday.api.useinsider.com/ Name: insdrPushCookieStatus
Value: true
www.posttoday.com/ Name: _grf_uid
Value: 14150766
www.posttoday.com/ Name: _grf_cm
Value: 1
.posttoday.com/ Name: _hjSessionUser_596629
Value: eyJpZCI6IjY1ZTUwYWUwLTYzMGQtNTA4Yy04MmUxLWRmMTNmODgxYzg4YSIsImNyZWF0ZWQiOjE2NDI1Mzk5NDY5NjMsImV4aXN0aW5nIjpmYWxzZX0=
.posttoday.com/ Name: _hjFirstSeen
Value: 1
www.posttoday.com/ Name: _hjIncludedInSessionSample
Value: 1
.posttoday.com/ Name: _hjSession_596629
Value: eyJpZCI6IjYxNmVlYjM3LTlkZGYtNGY5YS04YzRmLWFmNjVlMDY0Zjk4OCIsImNyZWF0ZWQiOjE2NDI1Mzk5NDc0NTAsImluU2FtcGxlIjp0cnVlfQ==
www.posttoday.com/ Name: _hjIncludedInPageviewSample
Value: 1
.posttoday.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.posttoday.com/ Name: _gat_UA-8091193-2
Value: 1
.posttoday.api.useinsider.com/ Name: push-request-sent
Value: true
.posttoday.api.useinsider.com/ Name: native-permission-impression
Value: true
.uuidksinc.net/ Name: jcsuuid
Value: X7Gg9kIRIwOBUpwODAm3
.truehits.in.th/ Name: ck3rdparty
Value: 1
.posttoday.com/ Name: _cbclose
Value: 1
.posttoday.com/ Name: _cbclose3975
Value: 1
.posttoday.com/ Name: _uid3975
Value: A8816D63.1
.posttoday.com/ Name: _ctout3975
Value: 1
www.posttoday.com/ Name: verify
Value: test
.doubleclick.net/ Name: IDE
Value: AHWqTUmygi-QfQrb0fmjztFD4SkyWbexoulAvW3j70M6iegK8bFIO8SJWkkXZuGVKZI
rtb.com.ru/ Name: as-user
Value: 61e72baba62fbd6799122777
.truehits.in.th/ Name: truehitsid
Value: wOmHjr9O
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
prodmp.ru/ Name: rai
Value: d24093632c56c3b4cf11ffc0a798a697
.posttoday.com/ Name: ka_iid
Value: TQwQegKNsJ9buxanseGSs5
.posttoday.com/ Name: ka_sid
Value: fcPPsK8UuHQa1S7TJqRgs
.casalemedia.com/ Name: CMID
Value: YecrrDauzNAk6TGVDp7kCAAA
.casalemedia.com/ Name: CMPS
Value: 3270
.casalemedia.com/ Name: CMPRO
Value: 1186
.aidata.io/ Name: __upin
Value: LqYQNONA6xGoWLqnH/SYsQ
.aidata.io/ Name: __upints
Value: 1642539948
.turn.com/ Name: uid
Value: 4587394172656973229
.quantserve.com/ Name: d
Value: EEMBDQGdJbjvsQA
.quantserve.com/ Name: mc
Value: 61e72bac-aa95f-578ab-85fb8
.adnxs.com/ Name: icu
Value: ChgIrcRHEAoYASABKAEwrNecjwY4AUABSAEQrNecjwYYAA..
.adnxs.com/ Name: uuid2
Value: 3749146220578690726
.dmg.digitaltarget.ru/ Name: viuserid
Value: l8Cd5QnPEzxPiBv7r9rJ
.eqads.com/ Name: EQUser
Value: UID=93e2719f-a3a6-4dc0-9838-166bb9767164
.yahoo.com/ Name: A3
Value: d=AQABBKwr52ECEHHxGsUgScSy-2vOdV-aTl0FEgEBAQF96GHxYQAAAAAA_SMAAA&S=AQAAAinPcPk09XQJzDFUxKwkS3c
.mathtag.com/ Name: uuid
Value: 19d261e7-2bac-4500-97fe-4eabb68131f6
.1dmp.io/ Name: uid
Value: 69656311-78a2-11ec-acfd-901b0e8b2a6e
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.posttoday.com/ Name: __gads
Value: ID=7c20c397e0e65fc6-2285699422cd0058:T=1642539947:S=ALNI_MZ0d74b0F_1i3N4fYJhNi8FVjc2pg
.casalemedia.com/ Name: CMRUM3
Value: 2d61e72bac2760CAESEL_Wuz8ClAFiFDL0HkgokBs&c361e72bac2760av-1e960894-312e-4e64-b61a-03bead310d07&4161e72bac05a0&2761e72bac0b40&0361e72bac276019d261e7-2bac-4500-97fe-4eabb68131f6&2e61e72bac05a0&0461e72bac05a0&5161e72bac2760mbo_kp3pO8aC6jucmu13kJizO8eCs2_DzbMZi7M2&da61e72bac2760&f161e72bac05a0&9c61e72bac05a00&dd61e72bac2760&c461e72bac05a0&5861e72bac05a0&e661e72bac2760&4961e72bac05a0&2861e72bad276093e2719f-a3a6-4dc0-9838-166bb9767164
.casalemedia.com/ Name: CMST
Value: YecrrGHnK60A

8 Console Messages

Source Level URL
Text
network error URL: https://static.posttoday.com/v5/assets/images/bg-wuhan.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://static.posttoday.com/v5/assets/images/icon-confirmed.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://www.posttoday.com/
Message:
Access to XMLHttpRequest at 'https://an.facebook.com/v2/placementbid.json?placementids[]=791835647872509_791842231205184&placementids[]=791835647872509_1115550792167658&placementids[]=791835647872509_1115549222167815&adformats[]=300x250&adformats[]=300x250&adformats[]=300x250&testmode=false&pageurl=&sdk[]=5.5.web&sdk[]=5.5.web&sdk[]=5.5.web&pbv=1.10.0' from origin 'https://www.posttoday.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://an.facebook.com/v2/placementbid.json?placementids[]=791835647872509_791842231205184&placementids[]=791835647872509_1115550792167658&placementids[]=791835647872509_1115549222167815&adformats[]=300x250&adformats[]=300x250&adformats[]=300x250&testmode=false&pageurl=&sdk[]=5.5.web&sdk[]=5.5.web&sdk[]=5.5.web&pbv=1.10.0
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://adx.com.ru/adspend-sync?uid=61e72baba62fbd6799122777&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FcLXqJAsreRGVxArzn6LayQ%3Fsign%3D2547136621%26location%3Dhttps%253A%252F%252Fmc.yandex.ru%252Fwatch%252F65195605
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

36f66aea7ed444e82e302ecd9211b5af.safeframe.googlesyndication.com
a.giraff.io
a2170.casalemedia.com
a4496.casalemedia.com
a4525.casalemedia.com
ad.turn.com
ads3.bangkokpost.co.th
adservice.google.com
adservice.google.de
adx.com.ru
an.facebook.com
anymind360.com
assets.api.useinsider.com
bcp.crwdcntrl.net
bttrack.com
casale-match.dotomi.com
cdn.thelead.tech
cm.g.doubleclick.net
cm.p.altergeo.ru
code.th.giraff.io
collect.ptengine.jp
connect.facebook.net
connect.ok.ru
connect.thelead.tech
counter.yadro.ru
data.th.giraff.io
dmg.digitaltarget.ru
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eitri.api.useinsider.com
get.optad360.io
graph.facebook.com
gu.dyntrk.com
hit.api.useinsider.com
ib.adnxs.com
in.hotjar.com
js-sec.indexww.com
js.ptengine.com
location.api.useinsider.com
log.api.useinsider.com
lvs.truehits.in.th
match.adsrvr.org
nep.advangelists.com
pagead2.googlesyndication.com
pixel.quantserve.com
posttoday.api.useinsider.com
posttoday.com
pr-bh.ybp.yahoo.com
prodmp.ru
rtb.com.ru
s.amazon-adsystem.com
s.uuidksinc.net
s1.adform.net
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
segment.api.useinsider.com
ssp.adriver.ru
ssum-sec.casalemedia.com
stat.media
static.hotjar.com
static.posttoday.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1dmp.io
sync.mathtag.com
tpc.googlesyndication.com
track.adform.net
um2.eqads.com
ups.analytics.yahoo.com
vars.hotjar.com
vk.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.posttoday.com
www.settrade.com
x01.aidata.io
an.facebook.com
sync-tm.everesttech.net
118.67.80.103
136.243.148.229
138.201.139.144
142.250.185.162
142.250.186.130
18.156.0.31
18.66.139.117
18.66.97.37
185.15.175.131
185.162.95.70
185.170.60.201
185.170.63.117
185.170.63.88
185.29.134.248
185.33.220.242
185.33.220.243
188.34.131.130
192.132.33.46
193.106.95.134
195.161.16.148
2.18.234.21
2001:41d0:404:200::32ab
2001:678:cb4:bbbb::11
2001:c00:4618:2006::1122
202.183.165.228
203.151.144.214
203.154.37.199
203.154.37.221
217.20.155.208
2600:9000:225e:ba00:11:a4de:2580:93a1
2600:9000:236e:9600:14:3d35:8f40:93a1
2606:4700:10::6816:4f7b
2606:4700::6811:a772
2606:4700::6811:aa72
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9c
2a02:fa8:8806:20::2010
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:110:face:b00c:0:2
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42::645
2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d
31.220.27.134
34.243.89.47
35.71.131.137
37.157.4.23
37.157.6.236
43.134.100.94
45.60.46.141
51.178.20.140
52.0.35.69
52.17.84.146
52.209.125.250
52.222.236.122
52.45.237.203
52.46.130.91
81.222.128.216
83.222.114.190
87.240.190.78
88.212.201.204
89.108.120.76
009ab3d50ca3651a5697f8ef010fd782f6c0c32beeef7c16ae2f91e62d9617bf
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
03324c95042788335fe86882b86fba7d9dbdc2fd75b3cd18375245955ea419e1
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
04b86d6052c47bd4cde8c28ed7169f48081aef36b074fa9e1962665a661c1316
0686c2e0b058140463ba24aac3cbdb9c8c8b6daba8a56a770f282f37008ca0b9
075e148cb8acb1b10069f3e3969b55163d5f893ace17b9e26ff7f4b8c9ce2e71
080836cfc3944eba3c36519331fe51e2268b4e087ccb372d7b60621a5f1a680f
0808dc2d2a687e420d40b158c5f88ff5241c36d014c36ee586744cfb9c5ed47e
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0aac6b47b00a31d9f1bd99ec52be5cf72ce126e1f8cf0d9af67153be9ddab583
0ae298f2509111b6eff0a258cb53fafcd63adbacfef38e453f46d7ff50edc24e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c70dea7f7ae178cc658f383f959806d1c2476ffaaadc90e591a5a542746e306
0fc0a22e5e67c95d02c389a1454acc67df53e2f6a46af739f3eac7e352644751
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
124eb255d92ac5357ff4362e843affd06dc1fbebbb4d48346eb909158ba4807b
13ace358b54fba8a340692970cd0b9b7218bae1c2cb543fb44397d857d710268
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17f734d31d3067dc6504e116c3c54906de7a2df387a4ff7f5a5b979228f451fb
1c2beae6b782df3108556bce9ea486d9199d2ba8a2030b793157671251db626a
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
2048205493b3f66f2dbf9e268d9a3e1a0df6b676d87faff7a297470cde4ee77f
2278cada41d2bcc06dfa905b1e859133291c58dc7fb209a57f9f5d02c11a92e5
22c36221393484dc267d14346481e0780b0dac4fe2e42b64ef12dff2ee3711c2
22ecaa4f37ea3970ea41ffbc7c7a1dc1225e7405e47b6ac1df1cbf7145938214
2885fdd84c44f8a95e9e235fe12a02825f51128378919036587582bcd940ab44
2a082f30e174e99ffe0951438a98b548ae364188f2ffb7f8ba9a454a52fbe8e7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e
3ad2c2c669dba9e4621ac7680295690290253db3d7313241ee068e65684fe0b9
3b2c5e3232f48afaf0db3f38d6152d4d88eac8801a1b38b3e14188b754691065
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3f50f6c1f9d758df436c783d2722089144a04f12c42db8f1829b90263fa625de
41a7355e848938453b05976c539fcd8da0b14a8d400c6715229ce13b34fb1f1b
4247a06a2db9b19dc18c180de3b04c5bb958f333a26761167047f8929cda047c
42b5010dcaaaf65c2ca80aede609da2262cd096962f4e2b07da44172a7849be6
43b601d2ebea5a69a4cceeef8ddb1f5d0125104d4d6fad0a67f7f2feeaf96ded
43f5160aa6bddeb7253e113f6f5a2e1ac41ed489f078374e63e55e95a2516368
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
45e7f24007b553b7cc21e8fe4c59f7d9c3e56b98c18362ef8d4007dbd3bb3a71
47dcdec72c2fe531bdabec9646df1bc91bae6e36d1e096e2708cd3294d2a5a96
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
4bce6f83156f4ce37fda3747516f403a5366aea995f9fb6c108669dd1ae519a7
4d60047d766f93cf65c5a7d2128fcaa3b8a004476822b221eaea253754087e00
4dcc65c74addb6600f8f6dc79258391f1232120e03e973b400fad09bab3c5228
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4efbf9a1c9048a2c0582bd04e04aff9160f5150af810909a43ac1b0e8369a391
4f2de5403c9f97ef4f22ff1ab7a0dcc34a6a19d8326c300b976fc7091a723c6e
4f3dce90491e78a544fb576daf0acf72adb27d7b499e80d3c0436469211fc14e
5061a48f48001768acf5e74d06a12779d4dcd1bc40e356729c8f531d751d8fa7
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
59e2112dc4823be587500d697b9a932b0276b440a124606c49db297ca0a6ec5e
5e3bd4a5471e9cfb88d2638ad0631a774b09937fe39a3e9090082758a1f1ed29
60b6eb76373a046ff8b7532d41ca8582ca523461647dcf4ab57789ae2266b939
62ca4c943f94da8f33430b114464dcb8b4eb167c1c16c226036fdc8b89946de1
69a22727b4179b24b8061b144beb1975a5860f8fed8000080228707674a14ecb
6a40a1e04e084b581cd3f4049a011cbad11c6f4d50057fc4b3f8eaa84ddea1be
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bd0e53aac407c10a77677e80a7d7ae04720dc3893cdf6676791a1817c2bb179
6c351f8b5cd5a563fa276a1b53019b7106cff76a3848fc19afe7c70557fef72c
6dbe21e988ef4bde9e42b6733d1b28475308c5394eaeb0d19ea3d60f865a54dd
6fa6980399324673ac53f46837c50b75d0a40fe4f4776f2e6c3839db17de198c
6fd3e1b4fcf15dea30fbf3ae4de901e3d48bca5c4ff78cce29b2440c198c8e2c
722e750231d59aad95a9ba4bbaebc2729d1ba22595eda94ce9ba3f68f75f4c1c
723c0214c9a27b0800381189e75efa3e84e570de9c61d7da297fde6bbf3fd9fe
743dffe53c5935232766363ab71dc2b8a37fd2a1dc3931f61f4f54c7e478995a
759322b994d2111aee5195cf737fa1b54bb7c2baea27da20eee169b684591c2a
78410e5eb70b4e9990d945c187a14f72c3e120095cd6a98854686954c358ac73
7c08cc740031f36f656ada75e3b55e2ae3a6d425ad8ee6b55b42f47d622d807b
7d421659e5dd95ed52e788b547d0aea16ac0a3206a6a563d5d3d1ea4cd711938
7e01190ab4196a6f99b457959c6c7a6c0517d0bb12a8de5ae1066b7588c15443
7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db
7efae2eab2d7f14a8938bfc77d598c75534a9a8fdcb60103d5603e12771e68fb
81c51567c8e62fcaee19b8c95a0ce8d206c72e89dfa871134cbef2ed31ee42e4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8557e86b3890a73d9a5e6be2b9600a1062f68bef4ceb087d96c84f9450aab738
865117fac8df4908c1aab26e21e0d6fe0b1f5a660ed3e3ca3c79399816c76496
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88b64e35a757c98dc1f37c8985aa47ebcc1aa69ef9cb19ae9f71e546dd9e17f9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ed1ba4855d6f4da0ac3a8e36ba72de616f5348eee28229eef311e3ac075436b
8f4d1afe69926429f7b52428ac4df1cf1d174fd32f36de2db11cbcce81e11068
8fcbe0885b3adebbaab7e5b0bf75bd13ccfdf4b08897b3662627a5f510e7d61d
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
937927d6124a09f1a7656added4230dd9cf88737328a6fae28699885d567180a
937cbe2e073226ee72f9e438b21aa436d03dada97616c56c338cce8414a41827
940910ba244bf102e4c493b9bd17a454beb20a2f68d580407f2b681a3881cca4
94473eba041563e17a4b85192267136a1dd31805805a4eb33e092d16b6b13c76
95e00d8064f0834cef0741004185456de02ce684fe46ed29d3c798ac66fc394c
97194010d2e42471b725d5b8a229160262765f434b6a0c82165e3ff35554f1eb
98156b1e259cce75cc79919f806650e15c2e2362f57f929e00dc55290bfefc68
9a6c61699f72d8b1b079967da693a58134229457ac8f32a39ef42bb6da57e1a8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a382852d715c5555d4bc5d3abf5e7d6c21a7a755604e254b129e73c562fbdfe1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a71c5d2661067b10e96657767a63593233359e7781808b1ad2306319ebf396d9
a7241608256d88ffab1bd33bdfbf937910aa6759a1fafff64e551d4f1bda8ecb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77d58bfbdd158e9707d0b942136a011f5c859f4bf4320202fab4187e3ca5222
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b29eadf4dd579e67e64030c3bac21a6d40eceb42122c67ea046180627dafc1fd
b2c6b887bc0a62c9d7c18a8c44b4888f31a896e29bad54c722338529c1194b66
b48061e40613cec2153a7188e2f375e2d69961e382d6d971b53b570277ea9080
b82c1e0fe152ac3905e337f6f07b0687976dd355ec45947d860c658c98fd7ef9
b9734112598bbb0fc8b5b453c37c2dbc8c9aa3902e49bccf6b144113478ceeed
b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9cca91b748dc07f8b46d042f9ccc9eeafddbed50db75b45a01ba09f73adc280
ca9aca2116420e96bd190c9c8e464ccbdd4b34f621433179a28193e6cfea1c78
caa09ce28d84010fe16efdc80d9585cb45345a1cb5f644685b1adb7978594284
caeb4225be380b92f1d7511615621c626c73e03eddab9dfe8bc4c613ab9c8af7
caedfb914856a2599d978d3c481f2702a1ef61eebbffc0e7939f0f0f77183e5e
caf6402386047d4b5898d99b30bb020045d28a629e678ec91a5c3799dac7275b
cbb78617d744c8b0d8b87ab234850064deafa51dc5d581918d6b13c86cc4d8bd
d05513e2959ea11614045121e853a8e882695f0eb5d7291155106f7eec6bdf9e
d141c7633e814d949724827dc300d3b44f69f953edb58cda1b5007aab9c0ccf9
d2d5e1fa3a474720086cf538ca07ab1c43b692f3be86f0402becca4c21f89ff2
d366bf0c07f62d65646fb3634fca7387ff49319dafae9c290685570fd445ba61
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
d6d38f11b1a4207f3e78042eb868b8441aa9dbd2a66704cdf7c890d45c54e379
db6f82179e6c8f725b037652e8158bffa2773d0597fa6d7ce31c60bad26f25ca
dbfb3626a3ecad483b328cf8b3ae41210c7fd27a87655cbb5f8b5195ecb7cc1f
dc12e547af41dc4ef092b0914eda8547959e6ce0300777ddd64b18286cf4ad92
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2175c26f2625ea713115d2d5e8ca79244ee47c86e9dcfec7296490273b6c430
e3a1cc912d130bc0d7b87c6dce344372d5fc0bb63098978a285f462bca413d55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e438ac631f8be89311c71f2bd535b458310cb08eca53b1a8da45176af9970e03
e6bc0a7e3cf6b1fd55986f9ad51e3fe7dfb22024abb57f44a8bba0a4134d4053
e75f38fb2fa126114608a97476d277c868bd9ed6b8de38ded7b3fd8e4ffe73c3
e869100122e225887e2c7a45b0b95cd3a969b084afa234c09fdce8d6810cc72b
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
e8e3fae3b7c8d4441fed4f4455c9380c03218f82312eeaf4a7bc3ee2b83047da
e9c27b3534eb83406df60105f6fe4c5a2c5912b37c9f947c564612de5801449d
e9fa897c6390967a96c17c67575b425662e0d28528d9f4c70a1aa90ea5c9184c
ea5d0df436659b13843191d1ff57859e2c75117b9332a8afa8e2422001877c99
ebae05c63d00cd09a46fb74fdd63a91785a456f274d530e40db88104d65ffa95
ed343b39aa0f872a793e3b8e4dba08b5dc4349872f180544efe8eb7784c29925
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2523dd4429b266013b3b5d0fc456ea7b64e36ddb67b1cc86dbd74c7e2293881
fa7068b754385abd7b6ab7417cfd1625356653a0b2a939c7aab741a8b3fc659a
fc17851a5cf699fc917a45038a3fce45682726d173580071d64d67d19cc4c85e
fddda23f711f28038cc34b216d5278692a4a93631433d3b90540981d1422e1b9
fffb9e1dd2f4243b5363d2ef1082f5fec14d1fba91bfc396d00c514b9f0a4891