www.posttoday.com Open in urlscan Pro
2001:41d0:404:200::32ab Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://posttoday.com/
Effective URL:
https://www.posttoday.com/
Submission: On January 18 via api (January 18th 2022, 9:05:54 pm UTC) from SG — Scanned from DE

Summary HTTP 208 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 57 IPs in 12 countries across 44 domains to perform 208 HTTP transactions. The main IP is 2001:41d0:404:200::32ab, located in France and belongs to OVH, FR. The main domain is www.posttoday.com. The Cisco Umbrella rank of the primary domain is 228143.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on April 13th 2020. Valid for: 2 years.

This is the only time www.posttoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2001:c00:4618... 2001:c00:4618:2006::1122	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
4	2001:41d0:404... 2001:41d0:404:200::32ab	16276 (OVH) (OVH)
1	2a04:4e42:200... 2a04:4e42:200::645	54113 (FASTLY) (FASTLY)
58	203.154.37.199 203.154.37.199	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
2	2606:4700:10:... 2606:4700:10::ac43:1ac7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:236... 2600:9000:236e:9600:14:3d35:8f40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:ec00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
13	203.154.37.221 203.154.37.221	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
19	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	118.67.80.91 118.67.80.91	17941 (BIT-ISLE ...) (BIT-ISLE Equinix Japan Enterprise K.K.)
1	101.32.249.128 101.32.249.128	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2606:4700::68... 2606:4700::6811:a872	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	202.183.165.226 202.183.165.226	4750 (CSLOXINFO...) (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f02... 2a03:2880:f02d:110:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	93.186.225.208 93.186.225.208	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	217.20.147.3 217.20.147.3	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	45.60.46.141 45.60.46.141	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	203.154.91.10 203.154.91.10	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
1	18.66.139.117 18.66.139.117	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:aa72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.161.16.148 195.161.16.148	8342 (RTCOMM-AS) (RTCOMM-AS)
1	18.66.122.82 18.66.122.82	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	83.222.114.188 83.222.114.188	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
1	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
1	185.162.95.67 185.162.95.67	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
12	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
12	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
1	185.170.61.205 185.170.61.205	27381 (CASALE-MEDIA) (CASALE-MEDIA)
9	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
2 11	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.170.60.167 185.170.60.167	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 2	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
1	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
1 1	52.204.62.148 52.204.62.148	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.196.197.61 18.196.197.61	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d	16509 (AMAZON-02) (AMAZON-02)
1	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	52.30.38.36 52.30.38.36	16509 (AMAZON-02) (AMAZON-02)
1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.215.102.174 52.215.102.174	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
208	57

2 2001:c00:4618:2006::1122 (Thailand) 2 redirects

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)

posttoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:41d0:404:200::32ab (France)

ASN16276 (OVH, FR)

www.posttoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 203.154.37.199 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-37-199.northern.inet.co.th

static.posttoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:1ac7 (United States)

ASN13335 (CLOUDFLARENET, US)

code.th.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:9600:14:3d35:8f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ptengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:ec00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 203.154.37.221 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-37-221.northern.inet.co.th

ads3.bangkokpost.co.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 118.67.80.91 (Nakano, Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)

collect.ptengine.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 101.32.249.128 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

data.th.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:a872 (United States)

ASN13335 (CLOUDFLARENET, US)

posttoday.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eitri.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.183.165.226 (Bangkok, Thailand)

ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH)
PTR: p352-nasbkkST3.C.csloxinfo.net

cdn.thelead.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.thelead.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:110:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.186.225.208 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.20.147.3 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip3.147.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.46.141 (United States)

ASN19551 (INCAPSULA, US)

www.settrade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.154.91.10 (Ban Bang Yang, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-91-10.inter.net.th

lvs.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-117.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)

segment.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
location.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.161.16.148 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)

a.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-82.fra60.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.222.114.188 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

rtb.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.162.95.67 (Russian Federation)

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: sm-server1-1.smir13.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.170.61.205 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a5264.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.170.60.167 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a2136.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.177.54 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.62.148 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-62-148.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.197.61 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-197-61.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.100 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.38.36 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-38-36.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.178.20.140 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.102.174 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.241 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	posttoday.com 2 redirects posttoday.com — Cisco Umbrella Rank: 197619 www.posttoday.com — Cisco Umbrella Rank: 228143 static.posttoday.com — Cisco Umbrella Rank: 424535	3 MB
22	adform.net track.adform.net — Cisco Umbrella Rank: 3933 s1.adform.net — Cisco Umbrella Rank: 7975 c1.adform.net — Cisco Umbrella Rank: 608	356 KB
18	googlesyndication.com 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124 pagead2.googlesyndication.com — Cisco Umbrella Rank: 100	166 KB
17	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	196 KB
13	bangkokpost.co.th ads3.bangkokpost.co.th — Cisco Umbrella Rank: 380494	11 KB
11	casalemedia.com 2 redirects a5264.casalemedia.com — Cisco Umbrella Rank: 591178 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520 a2136.casalemedia.com — Cisco Umbrella Rank: 742842 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	13 KB
9	useinsider.com posttoday.api.useinsider.com — Cisco Umbrella Rank: 791285 segment.api.useinsider.com — Cisco Umbrella Rank: 15735 location.api.useinsider.com — Cisco Umbrella Rank: 16021 assets.api.useinsider.com — Cisco Umbrella Rank: 21159 eitri.api.useinsider.com — Cisco Umbrella Rank: 21427 log.api.useinsider.com — Cisco Umbrella Rank: 9644 hit.api.useinsider.com — Cisco Umbrella Rank: 13563	87 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	175 KB
4	giraff.io code.th.giraff.io — Cisco Umbrella Rank: 63100 data.th.giraff.io — Cisco Umbrella Rank: 60069 a.giraff.io — Cisco Umbrella Rank: 56171	45 KB
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 990	1 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	1 KB
3	facebook.com graph.facebook.com — Cisco Umbrella Rank: 117 www.facebook.com — Cisco Umbrella Rank: 98 an.facebook.com Failed	953 B
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 644 script.hotjar.com — Cisco Umbrella Rank: 919 vars.hotjar.com — Cisco Umbrella Rank: 1012	64 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	54 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 673	1 KB
2	dyntrk.com 2 redirects gu.dyntrk.com — Cisco Umbrella Rank: 1261	850 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 524	1 KB
2	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 404 ib.adnxs.com — Cisco Umbrella Rank: 241	7 KB
2	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470 ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	999 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 636	848 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 876	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 284	1 KB
2	uuidksinc.net s.uuidksinc.net — Cisco Umbrella Rank: 11367	481 B
2	truehits.in.th lvs.truehits.in.th — Cisco Umbrella Rank: 43562	10 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8028 www.google.de — Cisco Umbrella Rank: 5557	1 KB
2	settrade.com www.settrade.com — Cisco Umbrella Rank: 225770	37 KB
2	thelead.tech cdn.thelead.tech — Cisco Umbrella Rank: 82102 connect.thelead.tech — Cisco Umbrella Rank: 85161	11 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	114 KB
1	openx.net jp-u.openx.net — Cisco Umbrella Rank: 9444	177 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 921	44 B
1	advangelists.com 1 redirects nep.advangelists.com — Cisco Umbrella Rank: 2192	232 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 329	265 B
1	stat.media stat.media — Cisco Umbrella Rank: 20469	265 B
1	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 13446	201 B
1	com.ru rtb.com.ru — Cisco Umbrella Rank: 29732	240 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2414	257 B
1	ok.ru connect.ok.ru — Cisco Umbrella Rank: 22099	2 KB
1	vk.com vk.com — Cisco Umbrella Rank: 5015	479 B
1	ptengine.jp collect.ptengine.jp — Cisco Umbrella Rank: 74815	235 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	53 KB
1	optad360.io get.optad360.io — Cisco Umbrella Rank: 24472	91 KB
1	ptengine.com js.ptengine.com — Cisco Umbrella Rank: 110237	25 KB
1	anymind360.com anymind360.com — Cisco Umbrella Rank: 21459	28 KB
0	everesttech.net Failed sync-tm.everesttech.net Failed
208	44

	Domain	Requested by
58	static.posttoday.com	www.posttoday.com static.posttoday.com
14	securepubads.g.doubleclick.net	anymind360.com securepubads.g.doubleclick.net www.posttoday.com www.googletagservices.com
13	ads3.bangkokpost.co.th	www.posttoday.com static.posttoday.com
12	track.adform.net	433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com s1.adform.net
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
9	s1.adform.net	track.adform.net s1.adform.net 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
6	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	www.googletagservices.com	static.posttoday.com securepubads.g.doubleclick.net 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
4	433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.posttoday.com	www.posttoday.com static.posttoday.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pagead2.googlesyndication.com	www.googletagservices.com www.posttoday.com
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	gu.dyntrk.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	js-sec.indexww.com	ssum-sec.casalemedia.com
2	pm.w55c.net	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	cm.g.doubleclick.net	1 redirects ssum-sec.casalemedia.com
2	s.uuidksinc.net	www.posttoday.com
2	www.google.com	www.posttoday.com 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
2	log.api.useinsider.com	www.posttoday.com
2	lvs.truehits.in.th	www.posttoday.com
2	www.facebook.com	www.posttoday.com
2	www.settrade.com	www.posttoday.com
2	posttoday.api.useinsider.com	www.googletagmanager.com posttoday.api.useinsider.com
2	connect.facebook.net	www.posttoday.com connect.facebook.net
2	code.th.giraff.io	www.posttoday.com
2	posttoday.com	2 redirects
1	ib.adnxs.com	www.posttoday.com
1	jp-u.openx.net	433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
1	match.deepintent.com	ssum-sec.casalemedia.com
1	ups.analytics.yahoo.com	ssum-sec.casalemedia.com
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	nep.advangelists.com	1 redirects
1	c1.adform.net	ssum-sec.casalemedia.com
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	a2136.casalemedia.com	433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
1	a5264.casalemedia.com	433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
1	connect.thelead.tech	cdn.thelead.tech
1	hit.api.useinsider.com	posttoday.api.useinsider.com
1	stat.media	www.posttoday.com
1	ssp.adriver.ru	www.posttoday.com
1	rtb.com.ru	www.posttoday.com
1	www.google.de	www.posttoday.com
1	eitri.api.useinsider.com	posttoday.api.useinsider.com
1	assets.api.useinsider.com	posttoday.api.useinsider.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vc.hotjar.io	script.hotjar.com
1	a.giraff.io	code.th.giraff.io
1	location.api.useinsider.com	posttoday.api.useinsider.com
1	segment.api.useinsider.com	posttoday.api.useinsider.com
1	vars.hotjar.com	static.hotjar.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	connect.ok.ru	code.th.giraff.io
1	vk.com	code.th.giraff.io
1	graph.facebook.com	code.th.giraff.io
1	script.hotjar.com	static.hotjar.com
1	cdn.thelead.tech	www.posttoday.com
1	static.hotjar.com	www.googletagmanager.com
1	data.th.giraff.io	code.th.giraff.io
1	collect.ptengine.jp	js.ptengine.com
1	www.googletagmanager.com	www.posttoday.com
1	get.optad360.io	www.posttoday.com
1	js.ptengine.com	www.posttoday.com
1	anymind360.com	www.posttoday.com
0	an.facebook.com Failed	www.posttoday.com
0	sync-tm.everesttech.net Failed	ssum-sec.casalemedia.com
208	72

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
line.me
www.youtube.com
property.posttoday.com
www.posttodayrepublic.com
www.bangkokpost.co.th
www.bangkokpost.com
www.postbooksonline.com
40plus.posttoday.com
www.ellethailand.com
forbesthailand.com
newsclear.co
truehits.net

Subject Issuer	Validity	Valid
*.posttoday.com AlphaSSL CA - SHA256 - G2	`2020-04-13` - `2022-05-21`	2 years	crt.sh
anymind360.com R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-25` - `2022-10-24`	a year	crt.sh
*.ptengine.jp Amazon	`2021-08-24` - `2022-09-22`	a year	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
*.bangkokpost.co.th AlphaSSL CA - SHA256 - G2	`2021-07-16` - `2022-08-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
th.giraff.io R3	`2021-11-22` - `2022-02-20`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-28` - `2022-01-26`	3 months	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2021-09-20` - `2022-09-19`	a year	crt.sh
cdn.thelead.tech R3	`2021-11-25` - `2022-02-23`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2021-02-18` - `2022-03-21`	a year	crt.sh
*.settrade.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-07` - `2022-06-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
lvs.truehits.in.th Sectigo RSA Domain Validation Secure Server CA	`2021-09-15` - `2022-10-14`	a year	crt.sh
giraff.io R3	`2021-12-17` - `2022-03-17`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
uuidksinc.net R3	`2022-01-14` - `2022-04-14`	3 months	crt.sh
rtb.com.ru Sectigo RSA Domain Validation Secure Server CA	`2021-03-01` - `2022-03-07`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
stat.media R3	`2021-11-29` - `2022-02-27`	3 months	crt.sh
connect.thelead.tech R3	`2021-11-25` - `2022-02-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2021-01-13` - `2022-02-14`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-11` - `2022-07-06`	6 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.posttoday.com/
Frame ID: 66D59309D9C1848B6534E96CEC824619
Requests: 136 HTTP requests in this frame

Frame: https://www.posttoday.com/set.php
Frame ID: F6077FB5FCE388F40CB92A4BF2B8CB9F
Requests: 3 HTTP requests in this frame

Frame: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9C63737975E9D681E1AB40597384793D
Requests: 1 HTTP requests in this frame

Frame: https://posttoday.api.useinsider.com/worker-new.html
Frame ID: C55B927A19FAEA96443D598215535377
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: AA92377C03376F72550E9485F25AD288
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F18E7BE6DFF089B45855CCD09394B7D2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAqu1vMtBg7vZG7isqcfA6PObE8KZIkhOzmv3qxGXeN7qO0uwWKulvC2Vo8kmxVwPaSvGDFmwuQ5OsDUZuNKKe9umGS3dADepZydqSuM_Ac69Fp-4XtM-Oye-zPGfi62rgZ3fAeVFQAFFGKNJqEMyDLwh3DAy-xgDpgGe9I4T9ldUkHGDCOI92VXBYghKhnFp9wQdT9vPNCgFA6zlzfGdHWqQM6KJ7M2_22Red81y7YO4VlT0CwHyo3oVGhFQP2RpPUCWVO_fbn7wpcw-xkmjhnFh_kphhh4ItTGQ7pC_yzwzYLSS-qp9ZZtf3Qhl_n4VvmH1a6hSoKGBz5bt1AXIsXNm6OSXCbkuZC6kitFOHpcYdOrBqj3ySk_jYDmdlcSAqczqvx4I3eA&sai=AMfl-YQGEjS6kA9vEbkeiZaf4FoeNCPvnfSlRiYy4aTNkAwqS4ubrZHKx4QQmBoOP4YwCY7mkqiOJGfOVhE0aiKRLPrcFqmiW7LLIO7Sm-XOaYei_lcO-avZ0KlvgqtQ3dA&sig=Cg0ArKJSzA01RtJvT9AtEAE&uach_m=[UACH]&adurl=
Frame ID: 7B6A7D3F8590852953186D8C87526003
Requests: 8 HTTP requests in this frame

Frame: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 14864A820C1DFE88646FEECA6A2245C7
Requests: 15 HTTP requests in this frame

Frame: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1F18A9476D732060730BA5421FF105B3
Requests: 17 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Frame ID: E8F4B16E716CC1538D5B6010F396317A
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Frame ID: FE11E3CE3E80681903D2B6692E630D44
Requests: 10 HTTP requests in this frame

Frame: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9B33FE00464A8D9242636D6D8514ECAB
Requests: 14 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Frame ID: 0455E0A83A4C72C55CB071E39A8B8449
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ข่าว ข่าววันนี้ ข่าวเด่น ข่าวด่วน ข่าวโพสต์ทูเดย์

Page URL History Show full URLs

http://posttoday.com/ HTTP 301
https://posttoday.com/ HTTP 301
https://www.posttoday.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Insider (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.useinsider\.\w+/

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

208
Requests

95 %
HTTPS

36 %
IPv6

44
Domains

72
Subdomains

57
IPs

12
Countries

4508 kB
Transfer

7864 kB
Size

50
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Posttoday

Search URL Search Domain Scan URL

URL: https://twitter.com/PostToday

Search URL Search Domain Scan URL

URL: https://www.instagram.com/posttoday_online

Search URL Search Domain Scan URL

URL: http://line.me/ti/p/@posttoday

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcaKwzuSJCmKfpxMonvPawQ

Search URL Search Domain Scan URL

URL: https://property.posttoday.com/
Title: โครงการอสังหาฯ

Search URL Search Domain Scan URL

URL: http://www.posttodayrepublic.com/

Search URL Search Domain Scan URL

URL: https://www.bangkokpost.co.th/

Search URL Search Domain Scan URL

URL: https://www.bangkokpost.com/
Title: Bangkok Post

Search URL Search Domain Scan URL

URL: http://www.postbooksonline.com/
Title: สนพ.โพสต์บุ๊ค

Search URL Search Domain Scan URL

URL: https://40plus.posttoday.com/
Title: 40+ วัยว้าวุ่น

Search URL Search Domain Scan URL

URL: https://www.ellethailand.com/
Title: Elle

Search URL Search Domain Scan URL

URL: https://forbesthailand.com/
Title: Forbes

Search URL Search Domain Scan URL

URL: https://newsclear.co/
Title: Newsclear

Search URL Search Domain Scan URL

URL: https://truehits.net/stat.php?login=posttoday

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://posttoday.com/ HTTP 301
https://posttoday.com/ HTTP 301
https://www.posttoday.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 158

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1

Request Chain 170

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YecrrAzFQncdRxAfvqNBVQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPwdOEzFmvYr-8VWEcyfKjY&google_cver=1&gdpr=1

Request Chain 172

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrAzFQncdRxAfvqNBVQAABI8AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrAzFQncdRxAfvqNBVQAABI8AAAAB&dcc=t

Request Chain 175

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-83e519ad-7086-446c-9003-38aceeaaeced

Request Chain 176

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=iqANLQnQ1N9VFO5&gdpr=1

Request Chain 186

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAIvGk7DzlcAAEEcmY5uKQ&expiration=1643749548&gdpr=1

Request Chain 188

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 190

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6958263481291830557&uid=Q6958263481291830557&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 191

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YecrrAzFQncdRxAfvqNBVQAA%261167?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YecrrAzFQncdRxAfvqNBVQAA%261167?gdpr_consent=&us_privacy=&gdpr=1

208 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.posttoday.com/
Redirect Chain

http://posttoday.com/
https://posttoday.com/
https://www.posttoday.com/

175 KB
28 KB

375ms
212ms

Document
text/html

2001:41d0:404:200::32ab
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:404:200::32ab , France, ASN16276 (OVH, FR),
Reverse DNS
Software: bytex/1.20.2 /
Resource Hash: 722e750231d59aad95a9ba4bbaebc2729d1ba22595eda94ce9ba3f68f75f4c1c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: bytex/1.20.2
date: Tue, 18 Jan 2022 21:05:45 GMT
content-type: text/html; charset=UTF-8
content-length: 28094
cache-control: max-age=30, public
expires: Tue, 18 Jan 2022 21:05:33 GMT
vary: Accept-Encoding
content-encoding: gzip
x-varnish: 35555625 34738960
age: 41
via: 1.1 varnish (Varnish/5.2)
x-cache: HIT
x-byteark-cache: BYPASS from csw-th-csl-3 hop 2 BYPASS from fr-sbg-1 hop 1
x-byteark-reqid: 1574fdb8664b3c9713d9faa69a37c8ba 4992fc087c39721411897b78127cf0c2
accept-ranges: bytes

Redirect headers

Location: https://www.posttoday.com/
Server: bytex/1.14.0
Date: Tue, 18 Jan 2022 21:05:44 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 234
Connection: keep-alive
Cache-Control: max-age=300
Expires: Tue, 18 Jan 2022 21:07:24 GMT
X-Varnish: 281677520 276651699
Age: 199
Via: 1.1 varnish (Varnish/5.2)
X-Cache: HIT

GET
H2 200 ats.js Show response
anymind360.com/js/5482/ 127 KB
28 KB 30ms
7ms Script
application/javascript 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/5482/ats.js

Requested by

Host: www.posttoday.com
URL: https://www.posttoday.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b9734112598bbb0fc8b5b453c37c2dbc8c9aa3902e49bccf6b144113478ceeed

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:45 GMT
content-encoding: gzip
age: 51579
x-guploader-uploadid: ADPycdtcT9FiuLwt9RoJcbg9zt4TsDPQaOOaFkzA_b4_xQhVjvCq7GMfTRUy-8eMoku-5iAvrVNbdfSoiZnaawU_WeA
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 27913
x-served-by: cache-tyo11958-TYO, cache-hhn4053-HHN
access-control-allow-origin: *
expires: Tue, 18 Jan 2022 06:46:05 GMT
last-modified: Fri, 07 Jan 2022 06:14:54 GMT
server: UploadServer
x-timer: S1642539945.056727,VS0,VE1
etag: "7e7b4711d84d1ff0402dd619da5b0077"
vary: Accept-Encoding
x-goog-hash: crc32c=uWomUg==, md5=fntHEdhNH/BALdYZ2lsAdw==
x-goog-generation: 1641536094306764
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=43200
x-goog-stored-content-length: 27913
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 2, 1

GET
H2 200 bootstrap.min.css
static.posttoday.com/v5/assets/bootstrap/css/ 152 KB
31 KB 1180ms
371ms Stylesheet
text/css 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/bootstrap/css/bootstrap.min.css
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: d6d38f11b1a4207f3e78042eb868b8441aa9dbd2a66704cdf7c890d45c54e379

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:45 GMT
content-encoding: gzip
age: 69
x-cache: HIT
content-length: 31221
access-control-allow-origin: null
last-modified: Tue, 18 Jan 2022 21:04:36 GMT
server: bytex/1.14.0
etag: W/"261cc-5d5e1a23f20a8-gzip"
vary: Accept-Encoding
x-varnish: 280565699 280828592
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=2592000
accept-ranges: bytes
content-type: text/css
expires: Thu, 17 Feb 2022 21:04:36 GMT

GET
H2 200 homepage.min.css
static.posttoday.com/v5/assets/css/ 164 KB
45 KB 1366ms
557ms Stylesheet
text/css 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 4f3dce90491e78a544fb576daf0acf72adb27d7b499e80d3c0436469211fc14e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:45 GMT
content-encoding: gzip
age: 336
x-cache: HIT
content-length: 45754
access-control-allow-origin: null
last-modified: Thu, 06 Jan 2022 10:47:08 GMT
server: bytex/1.14.0
etag: "291af-5d4e7978c0739-gzip"
vary: Accept-Encoding
x-varnish: 280565701 281872733
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=2592000
accept-ranges: bytes
content-type: text/css
expires: Thu, 17 Feb 2022 21:00:09 GMT

GET
H2 200 owl.carousel.min.css
static.posttoday.com/v5/assets/js/plugins/owlcarousel/ 3 KB
1 KB 1182ms
373ms Stylesheet
text/css 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/js/plugins/owlcarousel/owl.carousel.min.css
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:45 GMT
content-encoding: gzip
age: 69
x-cache: HIT
content-length: 1145
access-control-allow-origin: null
last-modified: Thu, 26 Mar 2020 10:20:29 GMT
server: bytex/1.14.0
etag: "d17-5a1bf55829540-gzip"
vary: Accept-Encoding
x-varnish: 282296748 282231710
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=2592000
accept-ranges: bytes
content-type: text/css
expires: Thu, 17 Feb 2022 21:04:36 GMT

GET
H2 200 owl.theme.default.min.css
static.posttoday.com/v5/assets/js/plugins/owlcarousel/ 1013 B
818 B 1183ms
374ms Stylesheet
text/css 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/js/plugins/owlcarousel/owl.theme.default.min.css
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:45 GMT
content-encoding: gzip
age: 47
x-cache: HIT
content-length: 487
access-control-allow-origin: null
last-modified: Thu, 26 Mar 2020 10:20:29 GMT
server: bytex/1.14.0
etag: "3f5-5a1bf55829540-gzip"
vary: Accept-Encoding
x-varnish: 278803723 281319323
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=2592000
accept-ranges: bytes
content-type: text/css
expires: Thu, 17 Feb 2022 21:04:58 GMT

GET
H2 200 widget-posttodaycom.js Show response
code.th.giraff.io/data/ 226 KB
44 KB 63ms
18ms Script
application/javascript 2606:4700:10::ac43:1ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.th.giraff.io/data/widget-posttodaycom.js
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22c36221393484dc267d14346481e0780b0dac4fe2e42b64ef12dff2ee3711c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 06:57:43 GMT
server: cloudflare
age: 18
etag: W/"61dd2a67-38825"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
cf-ray: 6cfac8896c117040-FRA
expires: Tue, 18 Jan 2022 21:06:27 GMT

GET
H2 200 37jtdo74.js Show response
js.ptengine.com/ 78 KB
25 KB 53ms
8ms Script
application/x-javascript 2600:9000:236e:9600:14:3d35:8f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ptengine.com/37jtdo74.js
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:9600:14:3d35:8f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2d5e1fa3a474720086cf538ca07ab1c43b692f3be86f0402becca4c21f89ff2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:04:37 GMT
content-encoding: gzip
last-modified: Sun, 16 Jan 2022 15:00:46 GMT
server: AmazonS3
age: 69
etag: W/"935b2b26ff12a5b1ca78af5fea00afd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
cache-control: public,max-age=300
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: mj6RFgR9XMXURmS-B4dztVeskVBi9A3i5AuVbgxb78apqNkJ_qERTg==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/285b934d-8abb-4108-86a2-2988475d1aa8/ 382 KB
91 KB 55ms
8ms Script
application/javascript 2600:9000:225e:ec00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/285b934d-8abb-4108-86a2-2988475d1aa8/plugin.min.js
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ec00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22ecaa4f37ea3970ea41ffbc7c7a1dc1225e7405e47b6ac1df1cbf7145938214

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 20:15:59 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 09:52:54 GMT
server: AmazonS3
age: 2988
etag: W/"3d74d42cc6862666f2a746295e0b1b03"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: DyqK2s5MEKlBYp4r2qpmX6MccE7lZRTzH6e8sWUWzU6XP_i9MOjSmA==

GET
H2 200 logo.svg
static.posttoday.com/v5/assets/images/ 39 KB
29 KB 352ms
347ms Image
image/svg+xml 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/images/logo.svg?v=2
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 9a6c61699f72d8b1b079967da693a58134229457ac8f32a39ef42bb6da57e1a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 69
x-cache: HIT
content-length: 29131
access-control-allow-origin: null
last-modified: Thu, 07 Jan 2021 05:01:10 GMT
server: bytex/1.14.0
etag: "9deb-5b848540e0e20-gzip"
vary: Accept-Encoding
x-varnish: 281972526 279882132
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
expires: Wed, 18 Jan 2023 21:04:37 GMT

GET
H2 200 logo-ptd-exclusive.svg
static.posttoday.com/v5/assets/images/icon/ 8 KB
3 KB 219ms
214ms Image
image/svg+xml 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/images/icon/logo-ptd-exclusive.svg?v=2
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 98156b1e259cce75cc79919f806650e15c2e2362f57f929e00dc55290bfefc68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 69
x-cache: HIT
content-length: 3152
access-control-allow-origin: null
last-modified: Fri, 05 Feb 2021 16:06:41 GMT
server: bytex/1.14.0
etag: "206b-5ba990182d51f-gzip"
vary: Accept-Encoding
x-varnish: 277471517 281353269
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
expires: Wed, 18 Jan 2023 21:04:37 GMT

GET
H2 200 logo-ptd-channel.svg
static.posttoday.com/v5/assets/images/icon/ 1 KB
937 B 394ms
390ms Image
image/svg+xml 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/images/icon/logo-ptd-channel.svg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 8fcbe0885b3adebbaab7e5b0bf75bd13ccfdf4b08897b3662627a5f510e7d61d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 69
x-cache: HIT
content-length: 600
access-control-allow-origin: null
last-modified: Mon, 22 Jun 2020 08:48:46 GMT
server: bytex/1.14.0
etag: "4ff-5a8a84f8a7780-gzip"
vary: Accept-Encoding
x-varnish: 281186346 279882135
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
expires: Wed, 18 Jan 2023 21:04:37 GMT

GET
H2 200 logo-ptd-poscast.svg
static.posttoday.com/v5/assets/images/icon/ 2 KB
1 KB 361ms
357ms Image
image/svg+xml 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/images/icon/logo-ptd-poscast.svg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: e75f38fb2fa126114608a97476d277c868bd9ed6b8de38ded7b3fd8e4ffe73c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 47
x-cache: HIT
content-length: 902
access-control-allow-origin: null
last-modified: Mon, 22 Jun 2020 08:49:24 GMT
server: bytex/1.14.0
etag: "862-5a8a851ce4d00-gzip"
vary: Accept-Encoding
x-varnish: 280565737 281382315
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
expires: Wed, 18 Jan 2023 21:04:59 GMT

GET
H2 200 E4E570B8B5C5351CCC19C6733F2B4ACB.jpg
static.posttoday.com/media/content/2022/01/18/ 101 KB
102 KB 396ms
392ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/media/content/2022/01/18/E4E570B8B5C5351CCC19C6733F2B4ACB.jpg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: c9cca91b748dc07f8b46d042f9ccc9eeafddbed50db75b45a01ba09f73adc280

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 18 Jan 2022 02:54:27 GMT
server: bytex/1.14.0
age: 482
etag: "194a6-5d5d263339d19"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 276944830 280013717
accept-ranges: bytes
content-length: 103590
expires: Thu, 17 Feb 2022 20:57:43 GMT

GET
H2 200 C4B7546140340B09698DF098D2CC872F.jpg
static.posttoday.com//media/content/2022/01/18/ 115 KB
115 KB 409ms
405ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com//media/content/2022/01/18/C4B7546140340B09698DF098D2CC872F.jpg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: e438ac631f8be89311c71f2bd535b458310cb08eca53b1a8da45176af9970e03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Mon, 17 Jan 2022 19:15:15 GMT
server: bytex/1.14.0
age: 210
etag: "1cbb3-5d5cbf8fbe7be"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 277471521 282102266
accept-ranges: bytes
content-length: 117683
expires: Thu, 17 Feb 2022 21:02:16 GMT

GET
H2 200 D97E2648CF57CC3DC8E6AC860BED159D.jpg
static.posttoday.com/media/content/2022/01/18/ 450 KB
451 KB 552ms
548ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/media/content/2022/01/18/D97E2648CF57CC3DC8E6AC860BED159D.jpg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 2048205493b3f66f2dbf9e268d9a3e1a0df6b676d87faff7a297470cde4ee77f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 18 Jan 2022 05:14:53 GMT
server: bytex/1.14.0
age: 238
etag: "70878-5d5d4596534ee"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 276653028 282200983
accept-ranges: bytes
content-length: 460920
expires: Thu, 17 Feb 2022 21:01:48 GMT

GET
H2 200 img-post_republic.jpg
static.posttoday.com/v5/assets/images/ 170 KB
171 KB 582ms
578ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/images/img-post_republic.jpg?v=0.1
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 6fa6980399324673ac53f46837c50b75d0a40fe4f4776f2e6c3839db17de198c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 21 Dec 2021 08:43:35 GMT
server: bytex/1.14.0
age: 192
etag: "2a9dc-5d3a400331bc0"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 282232134 281971554
accept-ranges: bytes
content-length: 174556
expires: Thu, 17 Feb 2022 21:02:33 GMT

GET
H2 200 default-pic.jpg
static.posttoday.com/v5/assets/images/bg/ 13 KB
13 KB 584ms
580ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/images/bg/default-pic.jpg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: e3a1cc912d130bc0d7b87c6dce344372d5fc0bb63098978a285f462bca413d55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 26 Mar 2020 10:19:32 GMT
server: bytex/1.14.0
age: 25
etag: "347a-5a1bf521cd500"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 281972528 279751475
accept-ranges: bytes
content-length: 13434
expires: Thu, 17 Feb 2022 21:05:20 GMT

GET
H2 200 title.svg
static.posttoday.com/v5/assets/specials/covid19/images/ 9 KB
4 KB 582ms
578ms Image
image/svg+xml 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/specials/covid19/images/title.svg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 94473eba041563e17a4b85192267136a1dd31805805a4eb33e092d16b6b13c76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 192
x-cache: HIT
content-length: 3271
access-control-allow-origin: null
last-modified: Thu, 04 Jun 2020 03:33:28 GMT
server: bytex/1.14.0
etag: "224e-5a739cecbf200-gzip"
vary: Accept-Encoding
x-varnish: 281677558 278248523
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
expires: Wed, 18 Jan 2023 21:02:33 GMT

GET
H2 200 icn-play.svg
static.posttoday.com/v5/assets/images/icon/ 449 B
630 B 582ms
579ms Image
image/svg+xml 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/images/icon/icn-play.svg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 075e148cb8acb1b10069f3e3969b55163d5f893ace17b9e26ff7f4b8c9ce2e71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 192
x-cache: HIT
content-length: 294
access-control-allow-origin: null
last-modified: Thu, 26 Mar 2020 10:19:33 GMT
server: bytex/1.14.0
etag: "1c1-5a1bf522c1740-gzip"
vary: Accept-Encoding
x-varnish: 280143240 280957607
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
expires: Wed, 18 Jan 2023 21:02:33 GMT

GET
H2 200 icn-oil.svg
static.posttoday.com/v5/assets/images/icon/ 267 B
561 B 583ms
579ms Image
image/svg+xml 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/images/icon/icn-oil.svg?v=3
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 4d60047d766f93cf65c5a7d2128fcaa3b8a004476822b221eaea253754087e00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 192
x-cache: HIT
content-length: 224
access-control-allow-origin: null
last-modified: Fri, 05 Feb 2021 16:06:41 GMT
server: bytex/1.14.0
etag: "10b-5ba990178c2ff-gzip"
vary: Accept-Encoding
x-varnish: 279882518 281940208
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
expires: Wed, 18 Jan 2023 21:02:33 GMT

GET
H2 200 icn-gold.svg
static.posttoday.com/v5/assets/images/icon/ 988 B
721 B 582ms
579ms Image
image/svg+xml 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/images/icon/icn-gold.svg?v=3
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 45e7f24007b553b7cc21e8fe4c59f7d9c3e56b98c18362ef8d4007dbd3bb3a71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 192
x-cache: HIT
content-length: 384
access-control-allow-origin: null
last-modified: Fri, 05 Feb 2021 16:06:40 GMT
server: bytex/1.14.0
etag: "3dc-5ba99016cdc1f-gzip"
vary: Accept-Encoding
x-varnish: 281319721 282263706
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
expires: Wed, 18 Jan 2023 21:02:33 GMT

GET
H2 200 icn-lottery.svg
static.posttoday.com/v5/assets/images/icon/ 606 B
626 B 582ms
579ms Image
image/svg+xml 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/images/icon/icn-lottery.svg?v=3
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: a7241608256d88ffab1bd33bdfbf937910aa6759a1fafff64e551d4f1bda8ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 192
x-cache: HIT
content-length: 289
access-control-allow-origin: null
last-modified: Fri, 05 Feb 2021 16:06:41 GMT
server: bytex/1.14.0
etag: "25e-5ba990178c2ff-gzip"
vary: Accept-Encoding
x-varnish: 280828878 281318482
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
expires: Wed, 18 Jan 2023 21:02:34 GMT

GET
H2 200 icn-horoscope.svg
static.posttoday.com/v5/assets/images/icon/ 604 B
698 B 582ms
579ms Image
image/svg+xml 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/images/icon/icn-horoscope.svg?v=3
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: dbfb3626a3ecad483b328cf8b3ae41210c7fd27a87655cbb5f8b5195ecb7cc1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 192
x-cache: HIT
content-length: 361
access-control-allow-origin: null
last-modified: Fri, 05 Feb 2021 16:06:40 GMT
server: bytex/1.14.0
etag: "25c-5ba990172046f-gzip"
vary: Accept-Encoding
x-varnish: 280992573 280862696
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
expires: Wed, 18 Jan 2023 21:02:34 GMT

GET
H2 200 style-covid.css
static.posttoday.com/v5/assets/specials/covid19/css/ 48 KB
12 KB 366ms
365ms Stylesheet
text/css 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/specials/covid19/css/style-covid.css?v=1014.029
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 41a7355e848938453b05976c539fcd8da0b14a8d400c6715229ce13b34fb1f1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 482
x-cache: HIT
content-length: 11840
access-control-allow-origin: null
last-modified: Wed, 30 Jun 2021 12:54:35 GMT
server: bytex/1.14.0
etag: "be27-5c5fb398437fc-gzip"
vary: Accept-Encoding
x-varnish: 282232123 282198958
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=2592000
accept-ranges: bytes
content-type: text/css
expires: Thu, 17 Feb 2022 20:57:43 GMT

GET
H2 200 postgroup-logo_white.svg
static.posttoday.com/v5/assets/images/ 13 KB
5 KB 582ms
580ms Image
image/svg+xml 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/images/postgroup-logo_white.svg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 5061a48f48001768acf5e74d06a12779d4dcd1bc40e356729c8f531d751d8fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 592
x-cache: HIT
content-length: 5257
access-control-allow-origin: null
last-modified: Thu, 26 Mar 2020 10:19:07 GMT
server: bytex/1.14.0
etag: "35ff-5a1bf509f5cc0-gzip"
vary: Accept-Encoding
x-varnish: 281120746 282100546
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
expires: Wed, 18 Jan 2023 20:55:53 GMT

GET
H/1.1 200
OK asyncjs.php Show response
ads3.bangkokpost.co.th/www/delivery/ 8 KB
4 KB 1450ms
216ms Script
text/javascript 203.154.37.221
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.bangkokpost.co.th/www/delivery/asyncjs.php
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-221.northern.inet.co.th
Software: nginx/1.10.2 /
Resource Hash: 6fd3e1b4fcf15dea30fbf3ae4de901e3d48bca5c4ff78cce29b2440c198c8e2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 21:05:47 GMT
Content-Encoding: gzip
Server: nginx/1.10.2
P3P: CP="CUR ADM OUR NOR STA NID"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Expire: Tue, 18 Jan 2022 22:05:47 GMT

GET
H2 200 all.min.css
static.posttoday.com/v5/assets/css/ 56 KB
14 KB 194ms
194ms Stylesheet
text/css 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/css/all.min.css
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 43f5160aa6bddeb7253e113f6f5a2e1ac41ed489f078374e63e55e95a2516368

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 67
x-cache: HIT
content-length: 14070
access-control-allow-origin: null
last-modified: Tue, 18 Jan 2022 21:04:39 GMT
server: bytex/1.14.0
etag: W/"de0e-5d5e1a2408038-gzip"
vary: Accept-Encoding
x-varnish: 278803752 281483901
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=2592000
accept-ranges: bytes
content-type: text/css
expires: Thu, 17 Feb 2022 21:04:39 GMT

GET
H2 200 animate.min.css
static.posttoday.com/v5/assets/css/ 57 KB
6 KB 210ms
206ms Stylesheet
text/css 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/css/animate.min.css
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 26
x-cache: HIT
content-length: 5837
access-control-allow-origin: null
last-modified: Thu, 26 Mar 2020 10:18:53 GMT
server: bytex/1.14.0
etag: "e311-5a1bf4fc9bd40-gzip"
vary: Accept-Encoding
x-varnish: 279882516 281972255
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=2592000
accept-ranges: bytes
content-type: text/css
expires: Thu, 17 Feb 2022 21:05:19 GMT

GET
H2 200 jquery.fancybox.min.css
static.posttoday.com/v5/assets/js/plugins/facybox/ 12 KB
4 KB 211ms
206ms Stylesheet
text/css 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/js/plugins/facybox/jquery.fancybox.min.css
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 26
x-cache: HIT
content-length: 3606
access-control-allow-origin: null
last-modified: Thu, 26 Mar 2020 10:20:28 GMT
server: bytex/1.14.0
etag: "31fb-5a1bf55735300-gzip"
vary: Accept-Encoding
x-varnish: 281319719 281120656
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=2592000
accept-ranges: bytes
content-type: text/css
expires: Thu, 17 Feb 2022 21:05:19 GMT

GET
H2 200 jquery.min.js Show response
static.posttoday.com/v5/assets/js/ 82 KB
34 KB 216ms
211ms Script
application/javascript 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 130
x-cache: HIT
content-length: 34416
access-control-allow-origin: null
last-modified: Thu, 26 Mar 2020 10:19:09 GMT
server: bytex/1.14.0
etag: "14915-5a1bf50bde140-gzip"
vary: Accept-Encoding
x-varnish: 282232132 281120138
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=0
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 18 Jan 2022 21:03:36 GMT

GET
H2 200 lazysizes.min.js Show response
static.posttoday.com/v5/assets/js/ 7 KB
4 KB 211ms
206ms Script
application/javascript 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/js/lazysizes.min.js
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 81c51567c8e62fcaee19b8c95a0ce8d206c72e89dfa871134cbef2ed31ee42e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 124
x-cache: HIT
content-length: 3573
access-control-allow-origin: null
last-modified: Thu, 26 Mar 2020 10:19:10 GMT
server: bytex/1.14.0
etag: "1c43-5a1bf50cd2380-gzip"
vary: Accept-Encoding
x-varnish: 276653026 281483457
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=0
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 18 Jan 2022 21:03:41 GMT

GET
H2 200 bootstrap.min.js Show response
static.posttoday.com/v5/assets/bootstrap/js/ 57 KB
19 KB 395ms
390ms Script
application/javascript 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/bootstrap/js/bootstrap.min.js
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 120
x-cache: HIT
content-length: 19018
access-control-allow-origin: null
last-modified: Thu, 26 Mar 2020 10:19:13 GMT
server: bytex/1.14.0
etag: "e2d8-5a1bf50faea40-gzip"
vary: Accept-Encoding
x-varnish: 279553196 282102925
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=0
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 18 Jan 2022 21:03:46 GMT

GET
H2 200 owl.carousel.min.js Show response
static.posttoday.com/v5/assets/js/plugins/owlcarousel/ 43 KB
14 KB 212ms
207ms Script
application/javascript 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/js/plugins/owlcarousel/owl.carousel.min.js
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 140
x-cache: HIT
content-length: 13727
access-control-allow-origin: null
last-modified: Thu, 26 Mar 2020 10:20:29 GMT
server: bytex/1.14.0
etag: "ad36-5a1bf55829540-gzip"
vary: Accept-Encoding
x-varnish: 280143238 281319066
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=0
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 18 Jan 2022 21:03:25 GMT

GET
H2 200 homepage.min.js Show response
static.posttoday.com/v5/assets/js/ 31 KB
8 KB 213ms
208ms Script
application/javascript 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/js/homepage.min.js?v=1014.029
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 3b2c5e3232f48afaf0db3f38d6152d4d88eac8801a1b38b3e14188b754691065

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 577
x-cache: HIT
content-length: 8275
access-control-allow-origin: null
last-modified: Fri, 07 Jan 2022 08:07:38 GMT
server: bytex/1.14.0
etag: "7d43-5d4f97afc263f-gzip"
vary: Accept-Encoding
x-varnish: 281677556 281871134
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=0
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 18 Jan 2022 20:56:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 195ms
95ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/5482/ats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

caedfb914856a2599d978d3c481f2702a1ef61eebbffc0e7939f0f0f77183e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26965
x-xss-protection: 0
server: sffe
etag: "1106 / 58 of 1000 / last-modified: 1642537328"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 18 Jan 2022 21:05:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 147 KB
53 KB 137ms
52ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KC65SG8

Requested by

Host: www.posttoday.com
URL: https://www.posttoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a082f30e174e99ffe0951438a98b548ae364188f2ffb7f8ba9a454a52fbe8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53878
x-xss-protection: 0
expires: Tue, 18 Jan 2022 21:05:46 GMT

POST
H/1.1 204
No Content pn Show response
collect.ptengine.jp/ 0
235 B 781ms
256ms XHR
text/plain 118.67.80.91
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.ptengine.jp/pn
Requested by: Host: js.ptengine.com
URL: https://js.ptengine.com/37jtdo74.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 118.67.80.91 Nakano, Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.posttoday.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 18 Jan 2022 21:05:47 GMT
Server: openresty
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

GET
H2 200 set.php Show response
www.posttoday.com/ Frame F607 29 KB
6 KB 355ms
354ms Document
text/html 2001:41d0:404:200::32ab
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.posttoday.com/set.php
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:404:200::32ab , France, ASN16276 (OVH, FR),
Reverse DNS
Software: bytex/1.20.2 /
Resource Hash: cbb78617d744c8b0d8b87ab234850064deafa51dc5d581918d6b13c86cc4d8bd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/

Response headers

server: bytex/1.20.2
date: Tue, 18 Jan 2022 21:05:46 GMT
content-type: text/html; charset=UTF-8
content-length: 5956
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Tue, 18 Jan 2022 21:10:46 GMT
x-varnish: 35881272
age: 0
via: 1.1 varnish (Varnish/5.2)
x-cache: MISS
x-byteark-cache: BYPASS from csw-th-tcc-2 hop 3 BYPASS from th-nbi-tot-01 hop 2 BYPASS from fr-sbg-1 hop 1
x-byteark-reqid: c57bf0a07e9bec2176e30495fa1a6361 a9587fa6ecd90038d254cc2ba3f836f7 8c14f7b42a4f270fc1923835b510affa
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2175c26f2625ea713115d2d5e8ca79244ee47c86e9dcfec7296490273b6c430

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 404 bg-wuhan.png
static.posttoday.com/v5/assets/images/ 0
0 575ms
575ms Image
text/html 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/images/bg-wuhan.png
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 404 icon-confirmed.svg
static.posttoday.com/v5/assets/images/ 0
0 574ms
574ms Image
text/html 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/images/icon-confirmed.svg
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 764 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca9aca2116420e96bd190c9c8e464ccbdd4b34f621433179a28193e6cfea1c78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a382852d715c5555d4bc5d3abf5e7d6c21a7a755604e254b129e73c562fbdfe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Prompt-Bold.woff
static.posttoday.com/v5/assets/fonts/ 74 KB
75 KB 853ms
438ms Font
application/font-woff 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/fonts/Prompt-Bold.woff
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 2885fdd84c44f8a95e9e235fe12a02825f51128378919036587582bcd940ab44

Request headers

Referer: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin: https://www.posttoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 26 Mar 2020 10:18:58 GMT
server: bytex/1.14.0
age: 94
etag: "128f8-5a1bf50160880"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: https://www.posttoday.com
cache-control: max-age=0
x-varnish: 281319727 281483805
accept-ranges: bytes
content-length: 76024
expires: Tue, 18 Jan 2022 21:04:12 GMT

GET
H2 200 Prompt-Light.woff
static.posttoday.com/v5/assets/fonts/ 69 KB
70 KB 1095ms
679ms Font
application/font-woff 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/fonts/Prompt-Light.woff
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 009ab3d50ca3651a5697f8ef010fd782f6c0c32beeef7c16ae2f91e62d9617bf

Request headers

Referer: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin: https://www.posttoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 26 Mar 2020 10:19:01 GMT
server: bytex/1.14.0
age: 149
etag: "115e0-5a1bf5043cf40"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: https://www.posttoday.com
cache-control: max-age=0
x-varnish: 279163631 282231159
accept-ranges: bytes
content-length: 71136
expires: Tue, 18 Jan 2022 21:03:17 GMT

GET
H2 200 Prompt-SemiBold.woff
static.posttoday.com/v5/assets/fonts/ 72 KB
73 KB 1094ms
679ms Font
application/font-woff 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/fonts/Prompt-SemiBold.woff
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: caf6402386047d4b5898d99b30bb020045d28a629e678ec91a5c3799dac7275b

Request headers

Referer: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin: https://www.posttoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 26 Mar 2020 10:19:03 GMT
server: bytex/1.14.0
age: 149
etag: "121e4-5a1bf506253c0"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: https://www.posttoday.com
cache-control: max-age=0
x-varnish: 281319736 280992186
accept-ranges: bytes
content-length: 74212
expires: Tue, 18 Jan 2022 21:03:17 GMT

GET
H2 200 Prompt-ExtraBold.woff
static.posttoday.com/v5/assets/fonts/ 74 KB
74 KB 1094ms
679ms Font
application/font-woff 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/fonts/Prompt-ExtraBold.woff
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 0686c2e0b058140463ba24aac3cbdb9c8c8b6daba8a56a770f282f37008ca0b9

Request headers

Referer: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin: https://www.posttoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 26 Mar 2020 10:18:59 GMT
server: bytex/1.14.0
age: 81
etag: "1284c-5a1bf50254ac0"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: https://www.posttoday.com
cache-control: max-age=0
x-varnish: 278803765 280928550
accept-ranges: bytes
content-length: 75852
expires: Tue, 18 Jan 2022 21:04:25 GMT

GET
H2 200 Prompt-Medium.woff
static.posttoday.com/v5/assets/fonts/ 73 KB
74 KB 1093ms
679ms Font
application/font-woff 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/fonts/Prompt-Medium.woff
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 4247a06a2db9b19dc18c180de3b04c5bb958f333a26761167047f8929cda047c

Request headers

Referer: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin: https://www.posttoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 26 Mar 2020 10:19:02 GMT
server: bytex/1.14.0
age: 147
etag: "12550-5a1bf50531180"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: https://www.posttoday.com
cache-control: max-age=0
x-varnish: 279687083 281809688
accept-ranges: bytes
content-length: 75088
expires: Tue, 18 Jan 2022 21:03:19 GMT

GET
H2 200 Prompt-Regular.woff
static.posttoday.com/v5/assets/fonts/ 71 KB
72 KB 1093ms
678ms Font
application/font-woff 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/fonts/Prompt-Regular.woff
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 940910ba244bf102e4c493b9bd17a454beb20a2f68d580407f2b681a3881cca4

Request headers

Referer: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin: https://www.posttoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 26 Mar 2020 10:19:02 GMT
server: bytex/1.14.0
age: 149
etag: "11dc8-5a1bf50531180"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: https://www.posttoday.com
cache-control: max-age=0
x-varnish: 282232146 274856724
accept-ranges: bytes
content-length: 73160
expires: Tue, 18 Jan 2022 21:03:17 GMT

GET
H2 200 Flaticon.woff2
static.posttoday.com/v5/assets/fonts/ 732 B
1 KB 1008ms
677ms Font
application/octet-stream 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/fonts/Flaticon.woff2
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 97194010d2e42471b725d5b8a229160262765f434b6a0c82165e3ff35554f1eb

Request headers

Referer: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin: https://www.posttoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 26 Mar 2020 10:18:57 GMT
server: bytex/1.14.0
age: 391
etag: "2dc-5a1bf5006c640"
x-cache: HIT
x-varnish: 281972532 280957078
access-control-allow-origin: https://www.posttoday.com
cache-control: max-age=0
accept-ranges: bytes
content-length: 732
expires: Tue, 18 Jan 2022 20:59:15 GMT

GET
H2 200 Prompt-Italic.woff
static.posttoday.com/v5/assets/fonts/ 78 KB
78 KB 1007ms
679ms Font
application/font-woff 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/fonts/Prompt-Italic.woff
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 7efae2eab2d7f14a8938bfc77d598c75534a9a8fdcb60103d5603e12771e68fb

Request headers

Referer: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin: https://www.posttoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 26 Mar 2020 10:19:01 GMT
server: bytex/1.14.0
age: 12
etag: "13610-5a1bf5043cf40"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: https://www.posttoday.com
cache-control: max-age=0
x-varnish: 280373544 282069888
accept-ranges: bytes
content-length: 79376
expires: Tue, 18 Jan 2022 21:05:34 GMT

GET
H2 200 advert.gif
code.th.giraff.io/data/ 34 B
248 B 14ms
14ms Image
image/webp 2606:4700:10::ac43:1ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.th.giraff.io/data/advert.gif
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
cf-cache-status: HIT
age: 4
cf-polished: origFmt=gif, origSize=43
content-disposition: inline; filename="advert.webp"
content-length: 34
last-modified: Thu, 21 Oct 2021 12:25:13 GMT
server: cloudflare
etag: "61715c29-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 18 Jan 2022 21:06:42 GMT
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6cfac88a0d9f7040-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 bg-wuhan.png
static.posttoday.com/v5/assets/specials/covid19/images/ 172 KB
173 KB 409ms
407ms Image
image/png 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/specials/covid19/images/bg-wuhan.png
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/specials/covid19/css/style-covid.css?v=1014.029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 59e2112dc4823be587500d697b9a932b0276b440a124606c49db297ca0a6ec5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.posttoday.com/v5/assets/specials/covid19/css/style-covid.css?v=1014.029
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 09 Jun 2020 02:56:30 GMT
server: bytex/1.14.0
age: 64
etag: "2b191-5a79ddfccd380"
x-cache: HIT
content-type: image/png
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 281810649 280863133
accept-ranges: bytes
content-length: 176529
expires: Thu, 17 Feb 2022 21:04:42 GMT

GET
H2 200 icon-confirmed.svg
static.posttoday.com/v5/assets/specials/covid19/images/ 5 KB
2 KB 409ms
407ms Image
image/svg+xml 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/v5/assets/specials/covid19/images/icon-confirmed.svg
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/specials/covid19/css/style-covid.css?v=1014.029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: d05513e2959ea11614045121e853a8e882695f0eb5d7291155106f7eec6bdf9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.posttoday.com/v5/assets/specials/covid19/css/style-covid.css?v=1014.029
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
age: 481
x-cache: HIT
content-length: 1402
access-control-allow-origin: null
last-modified: Fri, 27 Mar 2020 03:57:19 GMT
server: bytex/1.14.0
etag: "1422-5a1ce190a65c0-gzip"
vary: Accept-Encoding
x-varnish: 281907417 282068040
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
expires: Wed, 18 Jan 2023 20:57:45 GMT

GET
H2 200 posttodaycom.js Show response
data.th.giraff.io/track/ 80 B
351 B 507ms
165ms Script
application/javascript 101.32.249.128
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.th.giraff.io/track/posttodaycom.js?r=&u=https%3A%2F%2Fwww.posttoday.com%2F&rand=0.19085947030989092&v=1_107_0&vis=1&callback=cbGeo404527605&sp=h
Requested by: Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-posttodaycom.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 101.32.249.128 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx /
Resource Hash: 40a718625059c0570de60e75c16c0320c95889ac945594cd7c797cda90431e25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 124eb255d92ac5357ff4362e843affd06dc1fbebbb4d48346eb909158ba4807b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Prompt-ExtraLight.woff
static.posttoday.com/v5/assets/fonts/ 70 KB
71 KB 924ms
680ms Font
application/font-woff 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/fonts/Prompt-ExtraLight.woff
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: d366bf0c07f62d65646fb3634fca7387ff49319dafae9c290685570fd445ba61

Request headers

Referer: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin: https://www.posttoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 26 Mar 2020 10:19:00 GMT
server: bytex/1.14.0
age: 124
etag: "118f0-5a1bf50348d00"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: https://www.posttoday.com
cache-control: max-age=0
x-varnish: 278249361 281809880
accept-ranges: bytes
content-length: 71920
expires: Tue, 18 Jan 2022 21:03:42 GMT

GET
H2 200 Prompt-LightItalic.woff
static.posttoday.com/v5/assets/fonts/ 76 KB
76 KB 918ms
679ms Font
application/font-woff 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/fonts/Prompt-LightItalic.woff
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 3ad2c2c669dba9e4621ac7680295690290253db3d7313241ee068e65684fe0b9

Request headers

Referer: https://static.posttoday.com/v5/assets/css/homepage.min.css?v=1014.029
Origin: https://www.posttoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 26 Mar 2020 10:19:01 GMT
server: bytex/1.14.0
age: 431
etag: "12ed8-5a1bf5043cf40"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: https://www.posttoday.com
cache-control: max-age=0
x-varnish: 281941129 279161996
accept-ranges: bytes
content-length: 77528
expires: Tue, 18 Jan 2022 20:58:35 GMT

GET
H2 200 fa-solid-900.woff2
static.posttoday.com/v5/assets/fonts/ 74 KB
74 KB 887ms
678ms Font
application/octet-stream 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/fonts/fa-solid-900.woff2
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/all.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Request headers

Referer: https://static.posttoday.com/v5/assets/css/all.min.css
Origin: https://www.posttoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 26 Mar 2020 10:18:57 GMT
server: bytex/1.14.0
age: 108
etag: "127d0-5a1bf5006c640"
x-cache: HIT
x-varnish: 280992577 280565369
access-control-allow-origin: https://www.posttoday.com
cache-control: max-age=0
accept-ranges: bytes
content-length: 75728
expires: Tue, 18 Jan 2022 21:03:58 GMT

GET
H2 200 fa-regular-400.woff2
static.posttoday.com/v5/assets/fonts/ 13 KB
14 KB 887ms
678ms Font
application/octet-stream 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/fonts/fa-regular-400.woff2
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/all.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 0fc0a22e5e67c95d02c389a1454acc67df53e2f6a46af739f3eac7e352644751

Request headers

Referer: https://static.posttoday.com/v5/assets/css/all.min.css
Origin: https://www.posttoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 26 Mar 2020 10:18:56 GMT
server: bytex/1.14.0
age: 114
etag: "3510-5a1bf4ff78400"
x-cache: HIT
x-varnish: 282232144 278508360
access-control-allow-origin: https://www.posttoday.com
cache-control: max-age=0
accept-ranges: bytes
content-length: 13584
expires: Tue, 18 Jan 2022 21:03:52 GMT

GET
H2 200 fa-brands-400.woff2
static.posttoday.com/v5/assets/fonts/ 74 KB
74 KB 887ms
678ms Font
application/octet-stream 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/fonts/fa-brands-400.woff2
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/css/all.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843

Request headers

Referer: https://static.posttoday.com/v5/assets/css/all.min.css
Origin: https://www.posttoday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 26 Mar 2020 10:18:56 GMT
server: bytex/1.14.0
age: 114
etag: "12648-5a1bf4ff78400"
x-cache: HIT
x-varnish: 279687081 280565335
access-control-allow-origin: https://www.posttoday.com
cache-control: max-age=0
accept-ranges: bytes
content-length: 75336
expires: Tue, 18 Jan 2022 21:03:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
37ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC65SG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 280
date: Tue, 18 Jan 2022 21:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 18 Jan 2022 23:01:06 GMT

GET
H2 200 hotjar-596629.js Show response
static.hotjar.com/c/ 4 KB
2 KB 48ms
9ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-596629.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC65SG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

13ace358b54fba8a340692970cd0b9b7218bae1c2cb543fb44397d857d710268

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1912
access-control-allow-origin: *
x-cache-hit: 1
etag: W/e94d01804b2a54e7e73629da67bb28f2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: LvC4n4ViGgaJ2odgIxX10I2ZascMdqSFHoR489MjkrQDeCthVNZqwA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 32ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.posttoday.com
URL: https://www.posttoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: kTFyZXENS1fzJZUsRq2HT65Q79LT55MEsASbVdhqsWI4scfhbrIlRGN+IyqKDzpVW8JbmwpB7P7kTN2oPf6xXg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 18 Jan 2022 21:05:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ins.js Show response
posttoday.api.useinsider.com/ 280 KB
78 KB 61ms
32ms Script
application/javascript 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://posttoday.api.useinsider.com/ins.js?id=10004513
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC65SG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fffb9e1dd2f4243b5363d2ef1082f5fec14d1fba91bfc396d00c514b9f0a4891

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 4554
x-amz-request-id: QKJW74GQ9JVC0DZT
x-amz-id-2: X2c879volauWobw/8H9ZFbXhMR5aAylcaUkfOBUBC1GMheppKuQS9Ez1YFtUZ7EwiyKR4Y7onjY=
last-modified: Fri, 14 Jan 2022 10:54:05 GMT
server: cloudflare
etag: W/"748171b93052ac44f903336ca49de6c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=300
x-amz-version-id: 1Uf5Yo6YJeorSDWXM7150GRx6wE63Rkq
cf-ray: 6cfac88afd196921-FRA
expires: Tue, 18 Jan 2022 21:10:46 GMT

GET
H2 200 lead-latest.js Show response
cdn.thelead.tech/lead/ 10 KB
10 KB 700ms
196ms Script
application/javascript 202.183.165.226
CSLOXINFO-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thelead.tech/lead/lead-latest.js

Requested by

Host: www.posttoday.com
URL: https://www.posttoday.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.183.165.226 Bangkok, Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),

Reverse DNS

p352-nasbkkST3.C.csloxinfo.net

Software

Resource Hash

0c70dea7f7ae178cc658f383f959806d1c2476ffaaadc90e591a5a542746e306

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
last-modified: Tue, 08 Jun 2021 09:22:42 GMT
etag: "60bf36e2-28da"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cache-control: must-revalidate, max-age=3600
accept-ranges: bytes
content-length: 10458

GET
H2 200 pubads_impl_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ 352 KB
118 KB 37ms
36ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 20:51:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121009
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Jan 2023 20:51:07 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 214 B
151 B 91ms
46ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.posttoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8ed1ba4855d6f4da0ac3a8e36ba72de616f5348eee28229eef311e3ac075436b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126
x-xss-protection: 0
expires: Tue, 18 Jan 2022 21:05:46 GMT

GET
H2 200 939928879754236 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 56ms
55ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/939928879754236?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

04b86d6052c47bd4cde8c28ed7169f48081aef36b074fa9e1962665a661c1316

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: ulzxumRoEeqLKvRPp3/EmHMKlTWEaLTskmB8cMbLDoCpsGgLhTgsqjZVNlIOOdWyo/HFtZhQk1p2cLkqjYgFbg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 18 Jan 2022 21:05:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.c89f04abde364444f21e.js Show response
script.hotjar.com/ 229 KB
61 KB 38ms
8ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.c89f04abde364444f21e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-596629.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

fddda23f711f28038cc34b216d5278692a4a93631433d3b90540981d1422e1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 17:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98680
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 61580
access-control-allow-origin: *
last-modified: Mon, 17 Jan 2022 17:40:09 GMT
etag: "aaca953bf181ec7c714da08b16c0fdbb"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: WA_7FhYYISKJes1pKkY00-VdAiiM1lrDUdeuOVTdIU_10QstvY4FCg==

GET
H2 200 / Show response
graph.facebook.com/ 231 B
640 B 83ms
53ms Script
text/javascript 2a03:2880:f02d:110:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.posttoday.com%2F&callback=_grf_6328811391923646

Requested by

Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-posttodaycom.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:110:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

496ef69e5dea691fb66d1a05604643b36d09b484352a1e579b05363a31332c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1004948726
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 175
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: x67LDVjJX0yufUACNtHE6GVnGZWUh+WaZlmYYA+j4NumXLoEXJW4MLL8t383I1oUqF6DU7BaDGuISF9JiWGLGw==
x-fb-trace-id: Ezr7cWrf9Ol
date: Tue, 18 Jan 2022 21:05:46 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AhPXAviNoDUOMgH0KP0vCdW
cache-control: no-store
facebook-api-version: v5.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 share.php Show response
vk.com/ 21 B
479 B 127ms
45ms Script
text/html 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&url=https%3A%2F%2Fwww.posttoday.com%2F&index=0

Requested by

Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-posttodaycom.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.109925

Resource Hash

09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
x-frontend: front512006
server: kittenx
x-powered-by: KPHP/7.4.109925
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 41

GET
H2 200 dk Show response
connect.ok.ru/ 25 B
2 KB 250ms
66ms Script
application/javascript 217.20.147.3
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fwww.posttoday.com%2F

Requested by

Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-posttodaycom.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.147.3 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip3.147.odnoklassniki.ru

Software

apache /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adsafeprotected.com .serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com; worker-src blob: 'self'; connect-src wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 jquery.min.js Show response
www.settrade.com/script/ Frame F607 85 KB
34 KB 315ms
268ms Script
application/javascript 45.60.46.141
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.settrade.com/script/jquery.min.js

Requested by

Host: www.posttoday.com
URL: https://www.posttoday.com/set.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.141 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 06 Jul 2018 11:02:28 GMT
server: nginx
etag: W/"86927-1530874948000"
x-cache-status: BYPASS
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-iinfo: 10-108552399-108552401 pNNN RT(1642539946808 0) q(0 0 0 0) r(2 2) U5
x-xss-protection: 1; mode=block
cache-control: public, max-age=3600, s-maxage=100, stale-if-error=600
x-cdn: Imperva

GET
H2 200 jquery.marquee.min.js Show response
www.settrade.com/script/jquery.marquee/1.4.0/ Frame F607 6 KB
3 KB 326ms
280ms Script
application/javascript 45.60.46.141
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.settrade.com/script/jquery.marquee/1.4.0/jquery.marquee.min.js

Requested by

Host: www.posttoday.com
URL: https://www.posttoday.com/set.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.46.141 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

s /

Resource Hash

2278cada41d2bcc06dfa905b1e859133291c58dc7fb209a57f9f5d02c11a92e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 06 Oct 2017 11:04:47 GMT
server: s
etag: W/"5638-1507287887000"
x-cache-status: BYPASS
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-iinfo: 10-108552400-108552402 pNNN RT(1642539946809 0) q(0 0 0 1) r(2 2) U5
x-xss-protection: 1; mode=block
cache-control: public, max-age=3600, s-maxage=100, stale-if-error=600
x-cdn: Imperva

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 132ms
48ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.posttoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
49ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.posttoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 21:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 494 B
298 B 1047ms
1047ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3141883913980954&correlator=487371236686628&output=ldjh&impl=fifs&eid=31061815%2C31063911&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21622890900%3A143557018%2CTH_posttoday.com_res_home_mid2_728x90%2C970x90%2C970x250&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3&prev_iu_szs=728x90%7C970x250%7C970x90&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1642539946&dt=1642539946860&dlt=1642539945011&idt=1813&frm=20&biw=1600&bih=1200&oid=2&adxs=155&adys=2415&adks=1181492040&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.posttoday.com%2F&vis=1&scr_x=0&scr_y=0&psz=1290x20&msz=1290x0&ga_vid=1112625021.1642539947&ga_sid=1642539947&ga_hid=1326624119&ga_fc=false&fws=4&ohw=1290&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

67c6bf75cea17cee4980aeee2683b2e49c591b55b607d002dbcb838bc8749c80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 268
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.posttoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
10 KB 1559ms
1559ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3141883913980954&correlator=487371236686628&output=ldjh&impl=fifs&eid=31061815%2C31063911&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21622890900%3A143557018%2CTH_posttoday.com_res_home_right_sticky_300x250%2C300x600&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C300x600&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1642539946&dt=1642539946868&dlt=1642539945011&idt=1813&frm=20&biw=1600&bih=1200&oid=2&adxs=1145&adys=3212&adks=22578380&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.posttoday.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=1112625021.1642539947&ga_sid=1642539947&ga_hid=1326624119&ga_fc=false&fws=516&ohw=300&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

959c5ebe7790086f9710340dcd91c6243875ca1a9a6d74c260ca2213a288e5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 213202
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10369
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 327881
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.posttoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 1262ms
1261ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3141883913980954&correlator=487371236686628&output=ldjh&impl=fifs&eid=31061815%2C31063911&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21622890900%3A143557018%2CTH_posttoday.com_res_home_right3_300x250%2C300x600&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C300x600&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1642539946&dt=1642539946871&dlt=1642539945011&idt=1813&frm=20&biw=1600&bih=1200&oid=2&adxs=1145&adys=2757&adks=1534290013&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.posttoday.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=1112625021.1642539947&ga_sid=1642539947&ga_hid=1326624119&ga_fc=false&fws=516&ohw=300&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d396da88103942201281b39de7e7be387ee5dfb78de01e7f8fef818017c38efc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 213202
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9362
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 327881
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.posttoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 1803ms
1803ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3141883913980954&correlator=487371236686628&output=ldjh&impl=fifs&eid=31061815%2C31063911&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21622890900%3A143557018%2CTH_posttoday.com_res_home_right2_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1642539946&dt=1642539946874&dlt=1642539945011&idt=1813&frm=20&biw=1600&bih=1200&oid=2&adxs=1145&adys=2147&adks=1177487403&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.posttoday.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=1112625021.1642539947&ga_sid=1642539947&ga_hid=1326624119&ga_fc=false&fws=4&ohw=300&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

78298ec49ddf609c8173959e797066c78385a564fd11ba32d03f0c19082c6823

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 212289
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9995
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 327869
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.posttoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 468 B
282 B 474ms
473ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3141883913980954&correlator=487371236686628&output=ldjh&impl=fifs&eid=31061815%2C31063911&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21622890900%3A143557018%2CTH_posttoday.com_res_home_right1_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1642539946&dt=1642539946875&dlt=1642539945011&idt=1813&frm=20&biw=1600&bih=1200&oid=2&adxs=1145&adys=891&adks=1901929786&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.posttoday.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=1112625021.1642539947&ga_sid=1642539947&ga_hid=1326624119&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

5582b0b280d58842b657deed4801f07ea694cf30f55cfb512848a51b2920be49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.posttoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
19 KB 694ms
694ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3141883913980954&correlator=487371236686628&output=ldjh&impl=fifs&eid=31061815%2C31063911&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21622890900%3A143557018%2CTH_posttoday.com_res_home_top1_728x90%2C970x250%2C970x90%2C320x100%2C320x50&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4%2F%2F5&prev_iu_szs=728x90%7C970x250%7C970x90&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1642539946&dt=1642539946877&dlt=1642539945011&idt=1813&frm=20&biw=1600&bih=1200&oid=2&adxs=155&adys=140&adks=2605546845&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.posttoday.com%2F&vis=1&scr_x=0&scr_y=0&psz=1290x20&msz=1290x0&ga_vid=1112625021.1642539947&ga_sid=1642539947&ga_hid=1326624119&ga_fc=false&fws=4&ohw=1290&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

898c81582832aa91b2d0b3a6454183112dae1f9207aafd305fa3aa4a42af6f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19757
x-xss-protection: 0
google-lineitem-id: 5869039674
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377005568
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.posttoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9C63 6 KB
4 KB 203ms
78ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 18 Jan 2022 21:05:47 GMT
expires: Wed, 18 Jan 2023 21:05:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=939928879754236&ev=PageView&dl=https%3A%2F%2Fwww.posttoday.com%2F&rl=&if=false&ts=1642539946896&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642539946895.315807684&it=1642539946730&coo=false&rqm=GET

Requested by

Host: www.posttoday.com
URL: https://www.posttoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 18 Jan 2022 21:05:46 GMT

GET
H2 200 q0027739.js Show response
lvs.truehits.in.th/dataa/ 9 KB
9 KB 713ms
204ms Script
application/x-javascript 203.154.91.10
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://lvs.truehits.in.th/dataa/q0027739.js?v=2
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.91.10 Ban Bang Yang, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-91-10.inter.net.th
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7d421659e5dd95ed52e788b547d0aea16ac0a3206a6a563d5d3d1ea4cd711938

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
last-modified: Tue, 18 Jan 2022 21:05:00 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
cache-control: max-age=180
content-type: application/x-javascript
content-length: 9047
expires: Tue, 18 Jan 2022 21:08:47 GMT

GET
H2 200 recommended_homepage Show response
www.posttoday.com/v5/api_c/ 1 KB
1008 B 205ms
205ms XHR
application/json 2001:41d0:404:200::32ab
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.posttoday.com/v5/api_c/recommended_homepage
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:404:200::32ab , France, ASN16276 (OVH, FR),
Reverse DNS
Software: bytex/1.20.2 /
Resource Hash: 4650c90ac5f9c6689b359d0a534a2685d016111b2cbcb4fc0756cc3f5ec4400e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.posttoday.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
x-byteark-cache: BYPASS from csw-th-csl-3 hop 2, BYPASS from fr-sbg-1 hop 1
content-type: application/json; charset=utf-8
server: bytex/1.20.2
age: 64
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
x-varnish: 281319732 280863151
cache-control: max-age=1800, public
x-byteark-reqid: 7eaa9330ff67b60ab1d066c418d7948e, dfd95d13f8b8cba58c5590fe625ed080
content-encoding: gzip
expires: Tue, 18 Jan 2022 21:34:42 GMT

GET
DATA 200
OK truncated
/ 463 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa7068b754385abd7b6ab7417cfd1625356653a0b2a939c7aab741a8b3fc659a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 484 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b29eadf4dd579e67e64030c3bac21a6d40eceb42122c67ea046180627dafc1fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f50f6c1f9d758df436c783d2722089144a04f12c42db8f1829b90263fa625de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 100ms
53ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-P7KX86V&t=gtm4&cid=1112625021.1642539947

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e4d3da8c8ba38836f2c4d4cd54d41167e9ef8807d6ece5e8f9ad45f6af2a263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35238
x-xss-protection: 0
expires: Tue, 18 Jan 2022 21:05:47 GMT

GET
H2 200 index.min.js Show response
static.posttoday.com/v5/assets/ads/ 8 KB
3 KB 192ms
191ms Script
application/javascript 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/ads/index.min.js?v=1014.029
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: e869100122e225887e2c7a45b0b95cd3a969b084afa234c09fdce8d6810cc72b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: gzip
age: 108
x-cache: HIT
content-length: 2974
access-control-allow-origin: null
last-modified: Tue, 18 Jan 2022 21:03:58 GMT
server: bytex/1.14.0
etag: W/"218d-5d5e1a2a70a37-gzip"
vary: Accept-Encoding
x-varnish: 279163635 280863050
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=0
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 18 Jan 2022 21:03:58 GMT

GET
H2 200 worker-new.html Show response
posttoday.api.useinsider.com/ Frame C55B 8 KB
3 KB 38ms
38ms Document
text/html 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://posttoday.api.useinsider.com/worker-new.html
Requested by: Host: posttoday.api.useinsider.com
URL: https://posttoday.api.useinsider.com/ins.js?id=10004513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-type: text/html
access-control-allow-origin: *
last-modified: Fri, 14 Jan 2022 04:04:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3084
expires: Thu, 03 Feb 2022 21:05:47 GMT
cache-control: public, max-age=1382400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6cfac88dece06921-FRA
content-encoding: br

GET
H2 200 box-21ccaa45726c0f3c8c458f7a87eb2298.html Show response
vars.hotjar.com/ Frame AA92 2 KB
1 KB 32ms
7ms Document
text/html 18.66.139.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-596629.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-117.fra60.r.cloudfront.net
Software: /
Resource Hash: c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/

Response headers

content-type: text/html
content-length: 1044
date: Mon, 08 Nov 2021 14:05:19 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6a4e2ae376c29011d2e53de65a08d0b7"
last-modified: Tue, 01 Jun 2021 09:17:15 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: IFIRpZeBmIRFvqZjbUok0-pGKi5S8913u891G_w2DLlsKoZmfyj9sQ==
age: 6159628

GET
H2 200 16425399471325b375ac865.addad447 Show response
segment.api.useinsider.com/v4/segments/ 927 B
637 B 213ms
142ms XHR
application/json 2606:4700::6811:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.api.useinsider.com/v4/segments/16425399471325b375ac865.addad447?partnerid=10004513&fields=502ec1422e9be11d76b7a1a8f6a452ce,ac9a10cde36fee9b4d5e3857f8cc16b6&
Requested by: Host: posttoday.api.useinsider.com
URL: https://posttoday.api.useinsider.com/ins.js?id=10004513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69a22727b4179b24b8061b144beb1975a5860f8fed8000080228707674a14ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-ray: 6cfac88df894691f-FRA

GET
H2 200 / Show response
location.api.useinsider.com/ 269 B
478 B 272ms
206ms XHR
application/json 2606:4700::6811:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://location.api.useinsider.com/?v=2&pId=10004513&
Requested by: Host: posttoday.api.useinsider.com
URL: https://posttoday.api.useinsider.com/ins.js?id=10004513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e3bd4a5471e9cfb88d2638ad0631a774b09937fe39a3e9090082758a1f1ed29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 6cfac88dfe978b95-FRA
content-type: application/json

GET
H2 200 7258580B60D7AB80FA44F0024AF5F59E_1000.JPG
static.posttoday.com/media/content/2022/01/18/ 191 KB
191 KB 188ms
187ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/media/content/2022/01/18/7258580B60D7AB80FA44F0024AF5F59E_1000.JPG
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: ed343b39aa0f872a793e3b8e4dba08b5dc4349872f180544efe8eb7784c29925

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 18 Jan 2022 07:50:05 GMT
server: bytex/1.14.0
age: 30979
etag: "2fb4e-5d5d684708dc6"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 280373564 226141201
accept-ranges: bytes
content-length: 195406
expires: Thu, 17 Feb 2022 12:29:28 GMT

GET
H2 200 1C4ADEA36404627D03B407B9BF9F4831_1000.jpg
static.posttoday.com/media/content/2022/01/18/ 152 KB
153 KB 210ms
209ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/media/content/2022/01/18/1C4ADEA36404627D03B407B9BF9F4831_1000.jpg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 743dffe53c5935232766363ab71dc2b8a37fd2a1dc3931f61f4f54c7e478995a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 18 Jan 2022 11:43:29 GMT
server: bytex/1.14.0
age: 591
etag: "2616e-5d5d9c721bdac"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 278803771 281969059
accept-ranges: bytes
content-length: 156014
expires: Thu, 17 Feb 2022 20:55:55 GMT

GET
H2 200 4CD352F17599C3126B522E431F5049F6_1000.jpg
static.posttoday.com/media/content/2022/01/18/ 73 KB
73 KB 232ms
231ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/media/content/2022/01/18/4CD352F17599C3126B522E431F5049F6_1000.jpg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: ea5d0df436659b13843191d1ff57859e2c75117b9332a8afa8e2422001877c99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 18 Jan 2022 11:34:36 GMT
server: bytex/1.14.0
age: 591
etag: "12275-5d5d9a760b687"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 280373568 280140882
accept-ranges: bytes
content-length: 74357
expires: Thu, 17 Feb 2022 20:55:56 GMT

GET
H2 200 B123C18F9682C1DC6C4E78EEF10947C5_700.jpg
static.posttoday.com/media/content/2022/01/18/ 69 KB
70 KB 238ms
237ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/media/content/2022/01/18/B123C18F9682C1DC6C4E78EEF10947C5_700.jpg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 937cbe2e073226ee72f9e438b21aa436d03dada97616c56c338cce8414a41827

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 18 Jan 2022 07:07:13 GMT
server: bytex/1.14.0
age: 591
etag: "1149e-5d5d5eb250e5b"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 279163641 282034946
accept-ranges: bytes
content-length: 70814
expires: Thu, 17 Feb 2022 20:55:56 GMT

GET
H2 200 A041CBF539533B89478785C68035B276_700.JPG
static.posttoday.com/media/content/2022/01/18/ 124 KB
124 KB 245ms
244ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/media/content/2022/01/18/A041CBF539533B89478785C68035B276_700.JPG
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: e8e3fae3b7c8d4441fed4f4455c9380c03218f82312eeaf4a7bc3ee2b83047da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 18 Jan 2022 09:06:30 GMT
server: bytex/1.14.0
age: 43156
etag: W/"1ee1f-5d5d79d32fc4b"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 282232154 209467407
accept-ranges: bytes
content-length: 126495
expires: Thu, 17 Feb 2022 09:06:30 GMT

GET
H2 200 9C48A1DE61DB4A042B3176FB8464B8C2_350.jpeg
static.posttoday.com/media/content/2022/01/18/ 9 KB
10 KB 265ms
264ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/media/content/2022/01/18/9C48A1DE61DB4A042B3176FB8464B8C2_350.jpeg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 6dbe21e988ef4bde9e42b6733d1b28475308c5394eaeb0d19ea3d60f865a54dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 18 Jan 2022 15:58:49 GMT
server: bytex/1.14.0
age: 334
etag: "24db-5d5dd584d7ce6"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 281941133 280632477
accept-ranges: bytes
content-length: 9435
expires: Thu, 17 Feb 2022 21:00:12 GMT

GET
H2 200 7FD1B4EB71B486E0784F0EF807DAEE21_350.jpg
static.posttoday.com/media/content/2022/01/18/ 20 KB
20 KB 275ms
274ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/media/content/2022/01/18/7FD1B4EB71B486E0784F0EF807DAEE21_350.jpg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 759322b994d2111aee5195cf737fa1b54bb7c2baea27da20eee169b684591c2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 18 Jan 2022 14:27:05 GMT
server: bytex/1.14.0
age: 334
etag: "4ea1-5d5dc103d5c82"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 280958817 281939669
accept-ranges: bytes
content-length: 20129
expires: Thu, 17 Feb 2022 21:00:12 GMT

GET
H2 200 041A516EA900E4A980280FB2A517FC54_350.jpg
static.posttoday.com/media/content/2022/01/18/ 44 KB
44 KB 269ms
269ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/media/content/2022/01/18/041A516EA900E4A980280FB2A517FC54_350.jpg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 95e00d8064f0834cef0741004185456de02ce684fe46ed29d3c798ac66fc394c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 18 Jan 2022 13:55:48 GMT
server: bytex/1.14.0
age: 75
etag: "ae1d-5d5dba055b802"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 278249365 280992392
accept-ranges: bytes
content-length: 44573
expires: Thu, 17 Feb 2022 21:04:31 GMT

GET
H2 200 F7411339E9D3CD8D05C0ABDEB064D8D6_350.jpg
static.posttoday.com/media/content/2022/01/18/ 48 KB
49 KB 265ms
265ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/media/content/2022/01/18/F7411339E9D3CD8D05C0ABDEB064D8D6_350.jpg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: e9fa897c6390967a96c17c67575b425662e0d28528d9f4c70a1aa90ea5c9184c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 18 Jan 2022 13:15:42 GMT
server: bytex/1.14.0
age: 75
etag: "c121-5d5db10ef06fe"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 280565741 279882062
accept-ranges: bytes
content-length: 49441
expires: Thu, 17 Feb 2022 21:04:31 GMT

GET
H2 200 list Show response
a.giraff.io/rtb/match/ 310 B
664 B 145ms
42ms XHR
text/plain 195.161.16.148
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.giraff.io/rtb/match/list
Requested by: Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-posttodaycom.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.148 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 88b64e35a757c98dc1f37c8985aa47ebcc1aa69ef9cb19ae9f71e546dd9e17f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.posttoday.com
access-control-max-age: 1728000
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
45ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1326624119&t=pageview&_s=1&dl=https%3A%2F%2Fwww.posttoday.com%2F&ul=en-us&de=UTF-8&dt=%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%A7%E0%B8%B1%E0%B8%99%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%94%E0%B9%88%E0%B8%A7%E0%B8%99%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%82%E0%B8%9E%E0%B8%AA%E0%B8%95%E0%B9%8C%E0%B8%97%E0%B8%B9%E0%B9%80%E0%B8%94%E0%B8%A2%E0%B9%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAAEADQAAAAC~&jid=2130352728&gjid=2069595857&cid=1112625021.1642539947&tid=UA-8091193-2&_gid=585440306.1642539947&_r=1&gtm=2wg1c0KC65SG8&z=1610835523

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.posttoday.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.posttoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 596629 Show response
vc.hotjar.io/sessions/ 0
257 B 98ms
60ms XHR
text/plain 18.66.122.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/596629?s=0.25&r=0.2329253141569927
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.c89f04abde364444f21e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-82.fra60.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 9K4rQsES979UMufA0VEGdI_9V4BJeEkQL0yzxTpxKiN_T4166mzqjQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 58ms
18ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8091193-2&cid=1112625021.1642539947&jid=2130352728&gjid=2069595857&_gid=585440306.1642539947&_u=aCjAAEACQAAAAC~&z=1293358225

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.posttoday.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 18 Jan 2022 21:05:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.posttoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 opt-in-dialog.css
assets.api.useinsider.com/css/ 3 KB
1 KB 59ms
45ms Stylesheet
text/css 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.api.useinsider.com/css/opt-in-dialog.css
Requested by: Host: posttoday.api.useinsider.com
URL: https://posttoday.api.useinsider.com/ins.js?id=10004513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 125019
cf-polished: origSize=4371
cf-bgj: minify
pragma: public
last-modified: Fri, 14 Jan 2022 04:04:18 GMT
server: cloudflare
etag: W/"61e0f642-1113"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 6cfac88e9e9f6921-FRA
expires: Fri, 21 Jan 2022 21:05:47 GMT

GET
H2 200 native-push-sdk.js Show response
eitri.api.useinsider.com/static/ 10 KB
3 KB 40ms
28ms Script
application/javascript 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eitri.api.useinsider.com/static/native-push-sdk.js
Requested by: Host: posttoday.api.useinsider.com
URL: https://posttoday.api.useinsider.com/ins.js?id=10004513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c2beae6b782df3108556bce9ea486d9199d2ba8a2030b793157671251db626a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 6846
x-amz-request-id: TBM2AAECM7SVCSAJ
x-amz-id-2: FsnpGotf+XofdQ+gPFtRKq1MMmDQAYUR+TkgiY1gxU9evO8ahCrXF1TNDfFf0bERcQXi4p69qho=
last-modified: Fri, 14 Jan 2022 10:08:13 GMT
server: cloudflare
etag: W/"ffbd6c8a99d7d3d8f9b4a92b11362553"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
x-amz-version-id: 6M2THiBr9ub5eCtjSjLcFnf8zqxI5r3Z
cf-ray: 6cfac88e9ea56921-FRA
expires: Tue, 18 Jan 2022 21:10:47 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
26 KB 92ms
77ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/ads/index.min.js?v=1014.029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

caedfb914856a2599d978d3c481f2702a1ef61eebbffc0e7939f0f0f77183e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26965
x-xss-protection: 0
server: sffe
etag: "1106 / 243 of 1000 / last-modified: 1642537328"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 18 Jan 2022 21:05:47 GMT

GET
H2 200 prebid.js Show response
www.posttoday.com/js/ 104 KB
39 KB 231ms
231ms Script
application/javascript 2001:41d0:404:200::32ab
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.posttoday.com/js/prebid.js
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/ads/index.min.js?v=1014.029
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:404:200::32ab , France, ASN16276 (OVH, FR),
Reverse DNS
Software: bytex/1.20.2 /
Resource Hash: dc12e547af41dc4ef092b0914eda8547959e6ce0300777ddd64b18286cf4ad92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: gzip
age: 613
x-byteark-reqid: 3337ac142890fc5b21343b448f3599d5, 626d95b18bac087c40626f951621e4c5, 1d7d47c57ab89cb96ae26f9bfd38d9d0
x-cache: HIT
content-length: 38970
x-byteark-cache: BYPASS from csw-th-csl-3 hop 3, BYPASS from th-nbi-tot-03 hop 2, BYPASS from fr-sbg-1 hop 1
last-modified: Fri, 03 Aug 2018 02:22:41 GMT
server: bytex/1.20.2
etag: "19f41-5727e9a233e40-gzip"
vary: Accept-Encoding
x-varnish: 279163643 282132907
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=31557600, public
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 18 Jan 2023 20:55:33 GMT

GET
H2 200 homepage.json Show response
static.posttoday.com/v5/assets/ads/data// 3 KB
3 KB 444ms
444ms XHR
application/json 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.posttoday.com/v5/assets/ads/data//homepage.json?v=0.2
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: ebae05c63d00cd09a46fb74fdd63a91785a456f274d530e40db88104d65ffa95

Request headers

Accept: */*
Referer: https://www.posttoday.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 07 Dec 2021 07:23:23 GMT
server: bytex/1.14.0
age: 0
etag: "a14-5d2893fa4c20e"
x-cache: MISS
content-type: application/json
access-control-allow-origin: https://www.posttoday.com
cache-control: max-age=0
x-varnish: 280992593
accept-ranges: bytes
content-length: 2580
expires: Tue, 18 Jan 2022 21:05:47 GMT

GET
H/1.1 200
OK spc.php Show response
ads3.bangkokpost.co.th/www/delivery/ 437 B
825 B 741ms
219ms Script
application/x-javascript 203.154.37.221
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.bangkokpost.co.th/www/delivery/spc.php?zones=3040&_=1642539946673
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-221.northern.inet.co.th
Software: nginx/1.10.2 /
Resource Hash: 475d643cbb1be6f993df720f6a784ced139b859624eacd93802d08332c85d978

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 20:56:43 GMT
Content-Encoding: gzip
Server: nginx/1.10.2
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript; charset=UTF-8
Expires: 0

GET
H/1.1 200
OK spc.php Show response
ads3.bangkokpost.co.th/www/delivery/ 437 B
825 B 804ms
215ms Script
application/x-javascript 203.154.37.221
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.bangkokpost.co.th/www/delivery/spc.php?zones=4339&_=1642539946674
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-221.northern.inet.co.th
Software: nginx/1.10.2 /
Resource Hash: feb9c6eb8d050c8dbd37869c11d3e27482c106ec0124899776f05d64e7197ff8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:47 GMT
Content-Encoding: gzip
Server: nginx/1.10.2
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript; charset=UTF-8
Expires: 0

GET
H/1.1 200
OK spc.php Show response
ads3.bangkokpost.co.th/www/delivery/ 437 B
824 B 802ms
204ms Script
application/x-javascript 203.154.37.221
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.bangkokpost.co.th/www/delivery/spc.php?zones=3046&_=1642539946675
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-221.northern.inet.co.th
Software: nginx/1.10.2 /
Resource Hash: 49cd935f447656faac77c91fa4a75b2f57e8c2a0934c6eed3549cf8d04ade2bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 20:56:43 GMT
Content-Encoding: gzip
Server: nginx/1.10.2
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript; charset=UTF-8
Expires: 0

GET
H/1.1 200
OK spc.php Show response
ads3.bangkokpost.co.th/www/delivery/ 437 B
825 B 850ms
220ms Script
application/x-javascript 203.154.37.221
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.bangkokpost.co.th/www/delivery/spc.php?zones=3049&_=1642539946676
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-221.northern.inet.co.th
Software: nginx/1.10.2 /
Resource Hash: 041f17176aaa32b62cdc5f2a233eb4fa88ee9836d775bc7c3a55b09dd55522c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 20:56:43 GMT
Content-Encoding: gzip
Server: nginx/1.10.2
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript; charset=UTF-8
Expires: 0

GET
H/1.1 200
OK spc.php Show response
ads3.bangkokpost.co.th/www/delivery/ 437 B
824 B 843ms
211ms Script
application/x-javascript 203.154.37.221
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.bangkokpost.co.th/www/delivery/spc.php?zones=3046&_=1642539946677
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-221.northern.inet.co.th
Software: nginx/1.10.2 /
Resource Hash: 53a16f3bca01a4bf8a9f5bfcdecaf6c5c68524c1a0b4e9df94fb452efb2e3e4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Content-Encoding: gzip
Server: nginx/1.10.2
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript; charset=UTF-8
Expires: 0

GET
H/1.1 200
OK spc.php Show response
ads3.bangkokpost.co.th/www/delivery/ 437 B
825 B 290ms
219ms Script
application/x-javascript 203.154.37.221
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.bangkokpost.co.th/www/delivery/spc.php?zones=3049&_=1642539946678
Requested by: Host: static.posttoday.com
URL: https://static.posttoday.com/v5/assets/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-221.northern.inet.co.th
Software: nginx/1.10.2 /
Resource Hash: ca95f44dc4d56a7d4d00e625c85994e0a1009b9755bb3e54a81b8d2240315733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Content-Encoding: gzip
Server: nginx/1.10.2
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript; charset=UTF-8
Expires: 0

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
95 B 103ms
90ms Image
image/gif 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5wb3N0dG9kYXkuY29tLyIsInJlZmVyZXIiOiJodHRwczovL3d3dy5wb3N0dG9kYXkuY29tLyIsInVzZXJJZCI6IjE2NDI1Mzk5NDcxMzI1YjM3NWFjODY1LmFkZGFkNDQ3IiwicGxhdGZvcm0iOiJ3ZWIiLCJ0Ijoic3RvcmVMb2ciLCJ0eXBlIjoid2ViUHVzaCIsImxvZ1R5cGUiOiJuYXRpdmUtcGVybWlzc2lvbi1pbXByZXNzaW9uIiwiYnJvd3NlciI6IkNocm9tZSIsImlzTW9iaWxlIjpmYWxzZSwidXNlcklEIjoiMTY0MjUzOTk0NzEzMjViMzc1YWM4NjUuYWRkYWQ0NDciLCJsYW5ndWFnZSI6InRoX1RIIn0%3D&t=w&pn=posttoday
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6cfac88eef736921-FRA
content-length: 42

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
140 B 49ms
48ms Image
image/gif 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL3d3dy5wb3N0dG9kYXkuY29tLyIsInJlZmVyZXIiOiJodHRwczovL3d3dy5wb3N0dG9kYXkuY29tLyIsInVzZXJJZCI6IjE2NDI1Mzk5NDcxMzI1YjM3NWFjODY1LmFkZGFkNDQ3IiwicGxhdGZvcm0iOiJ3ZWIiLCJ0Ijoic3RvcmVMb2ciLCJ0eXBlIjoid2ViUHVzaCIsImxvZ1R5cGUiOiJwdXNoLXJlcXVlc3QiLCJicm93c2VyIjoiQ2hyb21lIiwiaXNNb2JpbGUiOmZhbHNlLCJ1c2VySUQiOiIxNjQyNTM5OTQ3MTMyNWIzNzVhYzg2NS5hZGRhZDQ0NyIsImxhbmd1YWdlIjoidGhfVEgifQ%3D%3D&t=w&pn=posttoday
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6cfac88f28196921-FRA
content-length: 42

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 150ms
61ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8091193-2&cid=1112625021.1642539947&jid=2130352728&_u=aCjAAEACQAAAAC~&z=1131074538

Requested by

Host: www.posttoday.com
URL: https://www.posttoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 149ms
62ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8091193-2&cid=1112625021.1642539947&jid=2130352728&_u=aCjAAEACQAAAAC~&z=1131074538

Requested by

Host: www.posttoday.com
URL: https://www.posttoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
s.uuidksinc.net/match/246/ 74 B
241 B 68ms
15ms Image
image/png 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/246/?remote_uid=14150766
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

GET
H/1.1 204
No Content directadvert-sync
rtb.com.ru/ 0
240 B 149ms
48ms Image
text/plain 83.222.114.188
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.com.ru/directadvert-sync?uid=14150766
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.222.114.188 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 21:05:47 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server: nginx/1.18.0
Connection: keep-alive
P3p: CP="rtb.com.ru does not have a P3P policy"

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ 42 B
201 B 488ms
55ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=77&external_id=14150766
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 21:05:47 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sync.gif
stat.media/counter/ 43 B
265 B 121ms
37ms Image
image/gif 185.162.95.67
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.media/counter/sync.gif?system=directadvert&ext_uid=14150766
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.162.95.67 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: sm-server1-1.smir13.imcmdb.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:47 GMT
Server: nginx
Content-Type: image/gif
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: 0

GET
H2 200 /
s.uuidksinc.net/match/618/ 74 B
240 B 14ms
14ms Image
image/png 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/618/?remote_uid=14150766
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
129 B 97ms
94ms XHR
text/plain 2606:4700::6811:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: posttoday.api.useinsider.com
URL: https://posttoday.api.useinsider.com/ins.js?id=10004513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.posttoday.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 64181075-dcba-4c47-974e-c46f982eb7d1
cf-ray: 6cfac88f6c4c691f-FRA
content-length: 16

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F18E 0
18 B 18ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.posttoday.com
URL: https://www.posttoday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.posttoday.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.posttoday.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 18 Jan 2022 21:05:47 GMT

GET
H2 200 C59F272CB55F8937880763F659249192_350.jpg
static.posttoday.com/media/content/2022/01/18/ 54 KB
55 KB 191ms
190ms Image
image/jpeg 203.154.37.199
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.posttoday.com/media/content/2022/01/18/C59F272CB55F8937880763F659249192_350.jpg
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.199 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-199.northern.inet.co.th
Software: bytex/1.14.0 /
Resource Hash: 080836cfc3944eba3c36519331fe51e2268b4e087ccb372d7b60621a5f1a680f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Tue, 18 Jan 2022 13:03:49 GMT
server: bytex/1.14.0
age: 74
etag: "d8b8-5d5dae6784ce3"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: null
cache-control: max-age=2592000
x-varnish: 280992600 280142856
accept-ranges: bytes
content-length: 55480
expires: Thu, 17 Feb 2022 21:04:32 GMT

POST
H2 200 bulk Show response
connect.thelead.tech/event/ 77 B
228 B 598ms
196ms XHR
application/json 202.183.165.226
CSLOXINFO-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.thelead.tech/event/bulk

Requested by

Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.183.165.226 Bangkok, Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),

Reverse DNS

p352-nasbkkST3.C.csloxinfo.net

Software

Resource Hash

00af82e07813af922e7e472b5a1a4deb3c36fb4aba67fd841ac895c96d9afc84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.posttoday.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 18 Jan 2022 21:05:48 GMT
vary: Origin
content-length: 77
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7B6A 0
0 80ms
79ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAqu1vMtBg7vZG7isqcfA6PObE8KZIkhOzmv3qxGXeN7qO0uwWKulvC2Vo8kmxVwPaSvGDFmwuQ5OsDUZuNKKe9umGS3dADepZydqSuM_Ac69Fp-4XtM-Oye-zPGfi62rgZ3fAeVFQAFFGKNJqEMyDLwh3DAy-xgDpgGe9I4T9ldUkHGDCOI92VXBYghKhnFp9wQdT9vPNCgFA6zlzfGdHWqQM6KJ7M2_22Red81y7YO4VlT0CwHyo3oVGhFQP2RpPUCWVO_fbn7wpcw-xkmjhnFh_kphhh4ItTGQ7pC_yzwzYLSS-qp9ZZtf3Qhl_n4VvmH1a6hSoKGBz5bt1AXIsXNm6OSXCbkuZC6kitFOHpcYdOrBqj3ySk_jYDmdlcSAqczqvx4I3eA&sai=AMfl-YQGEjS6kA9vEbkeiZaf4FoeNCPvnfSlRiYy4aTNkAwqS4ubrZHKx4QQmBoOP4YwCY7mkqiOJGfOVhE0aiKRLPrcFqmiW7LLIO7Sm-XOaYei_lcO-avZ0KlvgqtQ3dA&sig=Cg0ArKJSzA01RtJvT9AtEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.posttoday.com
URL: https://www.posttoday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 21:05:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 18 Jan 2022 21:05:47 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 7B6A 19 KB
8 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 21:04:57 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 7B6A 2 KB
1 KB 85ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 21:04:08 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B6A 121 KB
37 KB 103ms
102ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jan 2022 21:05:47 GMT

GET
H2 200 12364622558180580055
tpc.googlesyndication.com/simgad/ Frame 7B6A 99 KB
100 KB 125ms
45ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12364622558180580055

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4d1afe69926429f7b52428ac4df1cf1d174fd32f36de2db11cbcce81e11068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 12:23:08 GMT
x-content-type-options: nosniff
age: 31359
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101649
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 03:20:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Jan 2023 12:23:08 GMT

GET
H2 200 goggen.php
lvs.truehits.in.th/ 91 B
393 B 199ms
199ms Image
image/jpeg 203.154.91.10
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lvs.truehits.in.th/goggen.php?hc=q0027739&rand=325044&bv=0&rf=bookmark&web=wppaF7NHyB9cj/HoOjiD3Q%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=5ECD7710.1&fp=d&fv=-&truehitspage=home&truehitsurl=https%3a//www.posttoday.com/
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.91.10 Ban Bang Yang, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-91-10.inter.net.th
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:47 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx/1.14.0 (Ubuntu)
content-type: image/jpeg
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"

GET
DATA 200
OK truncated
/ Frame 7B6A 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 091639744bb14e525868e3a77db438ded0f4979d6d978159e30e9882337ee4cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7B6A 0
0 76ms
76ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuikGIFj4Xp9KBn0z9Ofus2yCGzShz0_5ZQ4G_YqFjDBQoIyiG6jVdhPCBu2q_jLW1XiwUD3PNYMZG4RtL0-OKMsYzukp63-63XIhpYdeEg3IJiTKo9eibrDQlZu5LkfQIh1DOHqHNV4djdV11QgJJpJeNL4GGKWal8fyM5013DPPH-xYiJe5vZ28RPQ0wO4Oef3wtfGE4uH6y2plYNp0xGRABZX57dFq21ED3cXp7xUujXvW8f1I_Uz7IYJ1Fm2CEQRD9veJZl8krr84UhFqMcIFl1agOUCc5E97cAMgDIaFmSb59Vs79gtH5xK3N9041oWcVIsIFzizsPbb50DZ6Wt_HbeHHYP-3aMo_FBpI7ny9CwPT5JRp_5V_u8woYDN9SrgLOe5-Aog0&sai=AMfl-YRFP9n9AmVuaQxpeRaVmnZPaloXnfpsftiZw6u7qt6orLhEKqAnXI44pb9eHn8Oln7t97-7OvlATfHVv0EyqchVWeQQu5Mc0iTbOZaZMe5uQ1JZm0j6Vo3n1MPgXQc&sig=Cg0ArKJSzDpOuh8AQoBhEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 21:05:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 18 Jan 2022 21:05:47 GMT

GET
H/1.1 200
OK lg.php
ads3.bangkokpost.co.th/www/delivery/ 43 B
474 B 221ms
221ms Image
image/gif 203.154.37.221
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads3.bangkokpost.co.th/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3040&loc=https%3A%2F%2Fwww.posttoday.com%2F&cb=8e912310d4
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-221.northern.inet.co.th
Software: nginx/1.10.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 20:56:43 GMT
Server: nginx/1.10.2
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Expires: 0

GET
H/1.1 200
OK lg.php
ads3.bangkokpost.co.th/www/delivery/ 43 B
474 B 216ms
216ms Image
image/gif 203.154.37.221
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads3.bangkokpost.co.th/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3046&loc=https%3A%2F%2Fwww.posttoday.com%2F&cb=80d64aaf68
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-221.northern.inet.co.th
Software: nginx/1.10.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Server: nginx/1.10.2
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Expires: 0

GET
H/1.1 200
OK lg.php
ads3.bangkokpost.co.th/www/delivery/ 43 B
474 B 207ms
206ms Image
image/gif 203.154.37.221
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads3.bangkokpost.co.th/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=4339&loc=https%3A%2F%2Fwww.posttoday.com%2F&cb=dc456f7fb8
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-221.northern.inet.co.th
Software: nginx/1.10.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 20:56:43 GMT
Server: nginx/1.10.2
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Expires: 0

GET
H3 200 container.html Show response
433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1486 6 KB
3 KB 86ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Jan 2022 21:05:47 GMT
expires: Wed, 18 Jan 2023 21:05:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK lg.php
ads3.bangkokpost.co.th/www/delivery/ 43 B
474 B 223ms
223ms Image
image/gif 203.154.37.221
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads3.bangkokpost.co.th/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3046&loc=https%3A%2F%2Fwww.posttoday.com%2F&cb=4e34adaf16
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-221.northern.inet.co.th
Software: nginx/1.10.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Server: nginx/1.10.2
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Expires: 0

GET
H/1.1 200
OK lg.php
ads3.bangkokpost.co.th/www/delivery/ 43 B
474 B 214ms
214ms Image
image/gif 203.154.37.221
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads3.bangkokpost.co.th/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3049&loc=https%3A%2F%2Fwww.posttoday.com%2F&cb=26a87a396b
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-221.northern.inet.co.th
Software: nginx/1.10.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 20:56:43 GMT
Server: nginx/1.10.2
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Expires: 0

GET
H/1.1 200
OK lg.php
ads3.bangkokpost.co.th/www/delivery/ 43 B
474 B 213ms
213ms Image
image/gif 203.154.37.221
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads3.bangkokpost.co.th/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3049&loc=https%3A%2F%2Fwww.posttoday.com%2F&cb=f77901c082
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.37.221 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-37-221.northern.inet.co.th
Software: nginx/1.10.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Server: nginx/1.10.2
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Expires: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1486 0
0 83ms
83ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CjQYfqyvnYfbUNIKn3gPtvZegB56hoa5cofno_p8DwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBJICT9DUejNeLtFSQdkZ8bm1ffFidv1_dIj8P1MQIK6Pl-ItK61IzkKuyru-KqrBGCh_7VlMHLBh3P3hPqzujWiDfIfwjRphQB02oyfSpCwg_6xSIFPKBgjZQW4lFBPj01Y_VYgYaWyyyMCInAGIII9IC7VARHH1zKeTf0cWA_XbCxsKnkwO5rDhsQQLDL7W5yrV5ciCdQk0h0JPMQ2brn-xw6CDd57_tkdpM1WmSjnmgk8cLDKsZdFCBaxG19l5hMOvemULHRWb0CTYi7irohA4evWMPz-XkpeUn2Zlf6o2tLW1Ies8Sji2LOYJwTJPdppYfM_wCuCY2Wv2zScNm2PcArWbfk6T9wg1EAvrOO9elQHEqOAEAYAGl47BgeDxm_LqAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi0zOTUwMDAxMjQxMTAyMzk0gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTkwNTgyOTE4NTQ0NDM4ODEYttdp&sigh=FJiMRse0x6E&uach_m=[UACH]&cid=CAQSPwCNIrLM6p06Xg15CvT5bpsX_iK3nVfjp-aAch8YD-KedbN6KhZBHdQmd-vAKMsDNP6dGjbjbhmxDb3Njr2ZLBgB
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 1486 985 B
1 KB 66ms
21ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=46688784;rtbwp=YecrrAAAAABfBlYmM5lx7YmP9ZS-CFk8DrpDJg;rtbdata=DSSzFeZbOCOyhgBvc-heF04MWn591tYNn2DaDYmPIE8bSXPe0Rwd4XDWEIRrmoeRx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIxSi6TNO92Jf4LegWiHe9xWbFRENHiuxXMCTyWGG8V6SEkxemj4r4LidAf4LW3atxd5OpygTe6no-EKCLn4n2hzFc-lf_X3KyWF7U-ypQEW5aEuVBWCp8k1ZPSVCRcBPzE1

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3062e35474704cb41a1a55205f0338aa7d2526b3f4f24678b315f6ffc4b60262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 830
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 1486 2 KB
1 KB 97ms
47ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 21:05:30 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 1486 15 KB
6 KB 89ms
41ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 20:48:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 20:48:47 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1486 22 KB
7 KB 87ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 08:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 16 Jan 2023 08:52:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1486 121 KB
37 KB 137ms
137ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jan 2022 21:05:48 GMT

GET
H/1.1 200
OK v1
a5264.casalemedia.com/impression/ Frame 1486 43 B
303 B 31ms
7ms Image
image/gif 185.170.61.205
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a5264.casalemedia.com/impression/v1?bidID=5eb96476-c91e-4397-a6d0-f5db6243d0a2&traceID=c7jinao9r2nto015pmmg&dspID=111&userID=&cmpro=0&ap=YecrqwANKnYKd5OCAAXe7b4xgJgxpOjE9j-ZpA
Requested by: Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.61.205 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100
Content-Length: 43
Expires: 0

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 1486 33 KB
16 KB 58ms
18ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=46688784;rtbwp=YecrrAAAAABfBlYmM5lx7YmP9ZS-CFk8DrpDJg;rtbdata=DSSzFeZbOCOyhgBvc-heF04MWn591tYNn2DaDYmPIE8bSXPe0Rwd4XDWEIRrmoeRx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIxSi6TNO92Jf4LegWiHe9xWbFRENHiuxXMCTyWGG8V6SEkxemj4r4LidAf4LW3atxd5OpygTe6no-EKCLn4n2hzFc-lf_X3KyWF7U-ypQEW5aEuVBWCp8k1ZPSVCRcBPzE1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0ae298f2509111b6eff0a258cb53fafcd63adbacfef38e453f46d7ff50edc24e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 09:30:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 20 Jan 2022 00:23:52 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 1486 4 KB
2 KB 23ms
22ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=46688784;rtbwp=YecrrAAAAABfBlYmM5lx7YmP9ZS-CFk8DrpDJg;rtbdata=DSSzFeZbOCOyhgBvc-heF04MWn591tYNn2DaDYmPIE8bSXPe0Rwd4XDWEIRrmoeRx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIxSi6TNO92Jf4LegWiHe9xWbFRENHiuxXMCTyWGG8V6SEkxemj4r4LidAf4LW3atxd5OpygTe6no-EKCLn4n2hzFc-lf_X3KyWF7U-ypQEW5aEuVBWCp8k1ZPSVCRcBPzE1;js=1;adfxid=1x;10820;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.posttoday.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

baa20b3424b293a262ff447461b496382d3911b177c641b6775fcf663700f6bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2103
expires: -1

GET
H3 200 container.html Show response
433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F18 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Jan 2022 21:05:47 GMT
expires: Wed, 18 Jan 2023 21:05:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame E8F4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1

2 KB
3 KB

19ms
19ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Requested by: Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dc1824c6554dbad1db4599306ee770d637c71eae97f9ff407255e737d0fb83c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|230|241|88|111|195|47
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Tue, 18 Jan 2022 21:05:48 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Content-Length: 1845
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 18 Jan 2022 21:05:48 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame 1486 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b44d660052fee1ed7ad23e4421c8455ac0616c2aaf7522c2862e1e7645fc10d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1F18 0
0 83ms
82ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChPVErCvnYcPABp6r3gOFnK-QDp6hoa5cofno_p8DwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBJgCT9BUEPmYv7SSmTfdo0N4ghwhScPO7L4Dh8JVpazDMpaUq7yRiA_mir6ScexnFK_z_LP5unTrt2F9s3_XkVa52aOGIUaEOL49w5MdtHo_BoUHOiavBmu2BSfSCw1t9CHJSImy26kw8cweuvwl7hX88zWf3qnYf1Y5lNrgeVxVMhy51_amWxCrbnS7-zW3MmNsL-uIWTiw17zYOutRbiAxvSSbe-mboPUQCD8xvHJrAyBEZHM_7JGftXW52tWjYvQGXBX9CBzwNK5buB3M6rsGcjIlr9UkK8kPTnzR39OHzXFzfeTQwslF-4rsNhN9tzjEt5SV8DP6E_DO976wsxvaOXjeZDgg2wh8-KgmMZZrb-xBFDvyqEIH5OAEAYAGl47BgeDxm_LqAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi0zOTUwMDAxMjQxMTAyMzk0gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTkwNTgyOTE4NTQ0NDM4ODEYttdp&sigh=jBBnRWCDIqI&uach_m=[UACH]&cid=CAQSPgCNIrLMo8_QHwCGsO5GT-B7-eOxsh6toEn8-q-spXZIOr5q6M7bjM9BTDpWdKBIOkpqm_403CCBqsBy0ih2GAE
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 1F18 985 B
1 KB 21ms
20ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=52550208;rtbwp=YecrrAAAAADx5cy_zoWjaMVpoGECjfKuuKxUzw;rtbdata=CNGpXbKEHMnNuCGiIay3JmRfTVMggyIfSpU9O4fKBnjZHLqH8Oocg6PrSFUHi4RYx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIyBFrGj5P_ofhaLxCYZwIuFbFRENHiuxXOEc-qi_29nW0kxemj4r4LiwYJ-1TAvs0x5OpygTe6no-EKCLn4n2hzFc-lf_X3KyWF7U-ypQEW5YKLMr5O4ZVNZPSVCRcBPzE1

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

93f5d53bfa0db4bcbda5c24c5854c79f05fa32379c84969aba2749d208cb31ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 843
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 1F18 2 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 21:05:30 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 1F18 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 20:48:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 20:48:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1F18 0
0 99ms
50ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzMTBsxAo0CuSMiF7-jlbDbQOtfnqP5OrfRKYkeqpxbX77FaLMvS2SpsaL25N--8fhKNWlxcQEFwXedIJCs7adg4t6nA
Requested by: Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1F18 22 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 08:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 16 Jan 2023 08:52:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F18 121 KB
37 KB 107ms
106ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jan 2022 21:05:48 GMT

GET
H/1.1 200
OK v1
a2136.casalemedia.com/impression/ Frame 1F18 43 B
303 B 31ms
7ms Image
image/gif 185.170.60.167
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a2136.casalemedia.com/impression/v1?bidID=38c00a24-680a-4f82-9b6c-602dedab6da5&traceID=c7jinb0ir2jedfnjeukg&dspID=111&userID=&cmpro=0&ap=YecrrAABoEMKd5WeAAvOBQnR1NOw9H_pEHj0aA
Requested by: Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.60.167 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100
Content-Length: 43
Expires: 0

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 1486 85 KB
37 KB 30ms
29ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0808dc2d2a687e420d40b158c5f88ff5241c36d014c36ee586744cfb9c5ed47e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 09:30:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 20 Jan 2022 00:23:53 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame E8F4 70 B
265 B 108ms
35ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E8F4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YecrrAzFQncdRxAfvqNBVQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPwdOEzFmvYr-8VWEcyfKjY&google_cver=1&gdpr=1

43 B
1 KB

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPwdOEzFmvYr-8VWEcyfKjY&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 18 Jan 2022 21:05:48 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPwdOEzFmvYr-8VWEcyfKjY&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame E8F4 170 B
502 B 132ms
50ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YecrrAzFQncdRxAfvqNBVQAABI8AAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame E8F4
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrAzFQncdRxAfvqNBVQAABI8AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrAzFQncdRxAfvqNBVQAABI8AAAAB&dcc=t

43 B
645 B

100ms
100ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrAzFQncdRxAfvqNBVQAABI8AAAAB&dcc=t

Requested by

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: A8YEY4THNY0KT13CTDK1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: E0RF20S3V67RFNMFHHZM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YecrrAzFQncdRxAfvqNBVQAABI8AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame E8F4 0
0

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame E8F4 0
331 B 82ms
19ms Image
text/plain 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E8F4
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-83e519ad-7086-446c-9003-38aceeaaeced

43 B
1 KB

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-83e519ad-7086-446c-9003-38aceeaaeced
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 18 Jan 2022 21:05:48 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-83e519ad-7086-446c-9003-38aceeaaeced
date: Tue, 18 Jan 2022 21:05:48 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E8F4
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=iqANLQnQ1N9VFO5&gdpr=1

43 B
988 B

16ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=iqANLQnQ1N9VFO5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 18 Jan 2022 21:05:48 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0f57142fe7121e10b@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=iqANLQnQ1N9VFO5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame E8F4 43 B
424 B 27ms
7ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YecrrAzFQncdRxAfvqNBVQAABI8AAAAB?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 21:05:48 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=703
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 18 Jan 2022 21:17:31 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 1F18 33 KB
16 KB 44ms
43ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52550208;rtbwp=YecrrAAAAADx5cy_zoWjaMVpoGECjfKuuKxUzw;rtbdata=CNGpXbKEHMnNuCGiIay3JmRfTVMggyIfSpU9O4fKBnjZHLqH8Oocg6PrSFUHi4RYx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIyBFrGj5P_ofhaLxCYZwIuFbFRENHiuxXOEc-qi_29nW0kxemj4r4LiwYJ-1TAvs0x5OpygTe6no-EKCLn4n2hzFc-lf_X3KyWF7U-ypQEW5YKLMr5O4ZVNZPSVCRcBPzE1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0ae298f2509111b6eff0a258cb53fafcd63adbacfef38e453f46d7ff50edc24e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 09:30:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 20 Jan 2022 00:23:52 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 1486 35 B
494 B 22ms
21ms Ping
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=46688784&csi=gfBe8Q_xDx6a2JIQmL3igfzVQtcBCnkWSuJRXiRrDMrZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 45677523.jpg
s1.adform.net/Banners/45677523/ Frame 1486 64 KB
64 KB 22ms
22ms Image
image/jpeg 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/45677523/45677523.jpg?bv=2

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ed71863744f9de012f6eb6b40b80de5e5e1b1e0ebd827b78c9d1998a2ebfbceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
last-modified: Thu, 03 Jun 2021 09:18:14 GMT
server: nginx
etag: "60b89e56-ffcf"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 65487

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 1F18 4 KB
2 KB 21ms
21ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=52550208;rtbwp=YecrrAAAAADx5cy_zoWjaMVpoGECjfKuuKxUzw;rtbdata=CNGpXbKEHMnNuCGiIay3JmRfTVMggyIfSpU9O4fKBnjZHLqH8Oocg6PrSFUHi4RYx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIyBFrGj5P_ofhaLxCYZwIuFbFRENHiuxXOEc-qi_29nW0kxemj4r4LiwYJ-1TAvs0x5OpygTe6no-EKCLn4n2hzFc-lf_X3KyWF7U-ypQEW5YKLMr5O4ZVNZPSVCRcBPzE1;js=1;adfxid=2x;2859;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.posttoday.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4789103b86b2a3999aa656dc4cdc7b829460a72a7e1a2d34e7d5a25bb11cdab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2110
expires: -1

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame FE11 2 KB
3 KB 18ms
18ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Requested by: Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 35b43182d645970f9115ab9e6d5448c5a9123dcb0fa1b5ba11ad77a50b78f67c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 73|46|130|206|196|176|31|221
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Tue, 18 Jan 2022 21:05:48 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Content-Length: 1551
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame 1F18 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f22848f3d56bfcdc113ca469e84be99e79e5185b1233d9a9713759bf9c6ccfbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 YecrrAzFQncdRxAfvqNBVQAABI8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FE11 43 B
875 B 97ms
32ms Image
image/gif 2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YecrrAzFQncdRxAfvqNBVQAABI8AAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame FE11 0
0 61ms
29ms Image
text/html 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FE11
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAIvGk7DzlcAAEEcmY5uKQ&expiration=1643749548&gdpr=1

43 B
1 KB

15ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAIvGk7DzlcAAEEcmY5uKQ&expiration=1643749548&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 18 Jan 2022 21:05:48 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAIvGk7DzlcAAEEcmY5uKQ&expiration=1643749548&gdpr=1
Date: Tue, 18 Jan 2022 21:05:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame FE11 0
124 B 36ms
11ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YecrrAzFQncdRxAfvqNBVQAABI8AAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FE11
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

11ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 21:05:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 18 Jan 2022 21:05:48 GMT

Redirect headers

date: Tue, 18 Jan 2022 21:05:48 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2 200 113
match.deepintent.com/usersync/ Frame FE11 0
44 B 285ms
92ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
content-length: 0
server: c

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame FE11
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6958263481291830557&uid=Q6958263481291830557&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

7ms
6ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol: HTTP/1.1
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 21:05:48 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Tue, 18 Jan 2022 21:05:48 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2

200

tpid=YecrrAzFQncdRxAfvqNBVQAA%261167
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame FE11
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YecrrAzFQncdRxAfvqNBVQAA%261167?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YecrrAzFQncdRxAfvqNBVQAA%261167?gdpr_consent=&us_privacy=&gdpr=1

49 B
732 B

44ms
44ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YecrrAzFQncdRxAfvqNBVQAA%261167?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.66
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YecrrAzFQncdRxAfvqNBVQAA%261167?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.29.218
content-length: 0
expires: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame FE11 43 B
424 B 8ms
7ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YecrrAzFQncdRxAfvqNBVQAABI8AAAAB?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 21:05:48 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=703
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 18 Jan 2022 21:17:31 GMT

GET
H3 200 container.html Show response
433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9B33 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Jan 2022 21:05:47 GMT
expires: Wed, 18 Jan 2023 21:05:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 1F18 85 KB
37 KB 22ms
21ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0808dc2d2a687e420d40b158c5f88ff5241c36d014c36ee586744cfb9c5ed47e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 09:30:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 20 Jan 2022 00:23:53 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 1F18 35 B
503 B 21ms
20ms Ping
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=52550208&csi=nU7vjiOT9ELFH3WcotLA1KUwud0a4433KlSJg7tudinZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 50911081.jpg
s1.adform.net/Banners/50911081/ Frame 1F18 56 KB
56 KB 20ms
20ms Image
image/jpeg 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/50911081/50911081.jpg?bv=1

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

78410e5eb70b4e9990d945c187a14f72c3e120095cd6a98854686954c358ac73

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
last-modified: Mon, 17 Jan 2022 15:42:50 GMT
server: nginx
etag: "61e58e7a-df0c"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 57100

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9B33 0
0 84ms
83ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBmSorCvnYfXDGMyS3gPDsJnwCobK5Z5chIHg9s4CwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBKgCT9C41ip_E-A4uuouy9hDDuAIBfKVK_4NfyqTu-ytAMO29UmRMkqBv7fCyK4g2J2324jCkl6LG27vGNQ2WNIZJATbMspGk-uriAyblyBmXX2o9r2jUb4TYxsBICiTQz5AptqU1J0BadWcU9mkwLUVRLR724rpXZvOImvz1iCfLaPjnxRVbZtWa0kjYdjfafmfO0UBJIewQjKPFQkzwHZA0WGeCYs4BAIEbnvExK9UnVjiQvX4GbL94v5gFYm7jWU8l6sog5mpkF0s5nam_1dxYvOT_kvycjwsbLX28OHIMyalC0cLaaWdzL-JSA83LEp4SlXYmcdMaeTmEw3vS51bEwB_37ZaRM52_HyqwDWIOtoSd__Xw9BNrNlqEo3bH9ZJgxnjOCPMc-bgBAGABo3C69DG682GngGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tMzk1MDAwMTI0MTEwMjM5NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MDU4MjkxODU0NDQzODgxGLbXaQ&sigh=9CJPlIEgOgs&uach_m=[UACH]&cid=CAQSPgCNIrLMGJG1JPOKKYVD4dtaoveIaHxR92CRiNQ0fLlb6uiLceqqo20E7RIUrICiq4B2AEhoPfZXekDCqpNuGAE&tpd=AGWhJmuBGTRFt-gZKG9GW5ptfk8VVGxns-o3MWz0paNgvhvvn2obldTT-83OUZMuLaAggLnhtNSyH8OuYBuoY1bIQCB1oYb0BEY5V3Y4xSIjNHv3WISYKv7MuHA-PlYxnCKQ58g9Wi0g5hC82GcExH-FGoeNgl2cxaDdrjDw9P2QZG38WLQ1lZYuAfgfRYWolhzi6uWg7mRYltiK_CXBNyN3yNKP8GZGg_NOjtiwkCs_zrsEZqMF3FbyhJyXylPHq3JlxZ7-hRWbXb12umxI8mN1-J8quQbUPL1OUf6DUTgPyrrO_6dGRqB-srCp6O6bYCARktU1wIGUJ8UGUO39ka8b9XkWC_y0M72mHk-UGIG3Xhu2ByS9P1bz2xrANB3UfbMjnDqnpOILPyWGQ72LRgJjcxV_ZErMlmOj-ZaLPkyHEHGYzAUHE9dyTV6-7PaLJaMjNMpSd_1r6wcJbMmecuH-NSEFn7D5y9y3AgtppYEKGM6nHWWGYMawe_aIsBBaGDTCwEKVHICw9LQDAcaPZVTj-S9nG7yIHp_b88_0qElO-2zueQQlaWjnK-i_BZVphqMG0jcs042f4CgSEZbgtpWaf9qb9_gvebi7rpiMFNjD5Qxo-GLlewR6QCp1ymvGARB_RclvFjpbBZbYib2nR0m6NXc0hf6zv5crvDh2egbbIUCjaUNk0FfeXFz9ULqUV7fiZ9Uu-MtUqIPhJCAfVBHQC8OSBlegr7W02wtckXqcR_ZI9tA-8M5Fobsy36VkC58SdbyB6S69ynL9wPZn67e3X1QVOKiilts6dY30K70WezGy91BYJK3uZOpVjvG2FL6tMd3SmrF4j0F9SYHIoa4a2sgen-xhPEu1HIpZGkWr_VBoz_h6aWcgDydcZJ_zmIKAP7DnWAyisEkhqrQmJWmDFqdAs2vIh6pleFJ8CBcq87nhIOSpGsESg0HWzYmxlf_WzqyC
Requested by: Host: www.posttoday.com
URL: https://www.posttoday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 9B33 1019 B
1 KB 23ms
21ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=52550208;rtbwp=AAABfm8CmjbJdjSgNRKXzbYjKG9LOgB1HwcmXw-jHOPoCkU6yKwirPOW070DT4DnK3GmRlV0;rtbdata=X8YhxlDcBAxJxxQ8qV455_wJf2P44zSoxvb5nbCXVi2VH8Z2tPNxwb21n2vSChMBx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIyb0l7T9yuTrHmkS0ZHGec2WKy0_Gk4SlgJsZCeFKSRPEX-0wJPhnOWvXXVAFLVymYeEnx9trl5ZQ_ULTHR8r5jwY17SWppRpFw16cRSJXab3c8TI8qqnubpL7ASyC9FII1

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4dfa3242e71686516c2c489dfaa6427bf0c27b183b5acd14bec31259aad55151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 886
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 9B33 2 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 21:05:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B33 121 KB
37 KB 123ms
122ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jan 2022 21:05:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 9B33 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 20:48:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 20:48:47 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9B33 22 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 08:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 16 Jan 2023 08:52:55 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 9B33 33 KB
16 KB 21ms
21ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52550208;rtbwp=AAABfm8CmjbJdjSgNRKXzbYjKG9LOgB1HwcmXw-jHOPoCkU6yKwirPOW070DT4DnK3GmRlV0;rtbdata=X8YhxlDcBAxJxxQ8qV455_wJf2P44zSoxvb5nbCXVi2VH8Z2tPNxwb21n2vSChMBx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIyb0l7T9yuTrHmkS0ZHGec2WKy0_Gk4SlgJsZCeFKSRPEX-0wJPhnOWvXXVAFLVymYeEnx9trl5ZQ_ULTHR8r5jwY17SWppRpFw16cRSJXab3c8TI8qqnubpL7ASyC9FII1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0ae298f2509111b6eff0a258cb53fafcd63adbacfef38e453f46d7ff50edc24e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 09:30:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 20 Jan 2022 00:23:52 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 9B33 4 KB
2 KB 21ms
21ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=52550208;rtbwp=AAABfm8CmjbJdjSgNRKXzbYjKG9LOgB1HwcmXw-jHOPoCkU6yKwirPOW070DT4DnK3GmRlV0;rtbdata=X8YhxlDcBAxJxxQ8qV455_wJf2P44zSoxvb5nbCXVi2VH8Z2tPNxwb21n2vSChMBx-EfRLwm_sF_d7Xicy9jm-PJDlcHuGxBe9hsTx5gWIyb0l7T9yuTrHmkS0ZHGec2WKy0_Gk4SlgJsZCeFKSRPEX-0wJPhnOWvXXVAFLVymYeEnx9trl5ZQ_ULTHR8r5jwY17SWppRpFw16cRSJXab3c8TI8qqnubpL7ASyC9FII1;js=1;adfxid=3x;10545;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.posttoday.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e43665cec3565148d5fd76a80288a849431a522cd7c82ac9d3dc9bc7aaca70ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2153
expires: -1

GET
H2 200 pd Show response
jp-u.openx.net/w/1.0/ Frame 0455 0
177 B 60ms
21ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Requested by: Host: 433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
URL: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
date: Tue, 18 Jan 2022 21:05:48 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7B6A 42 B
497 B 163ms
79ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsg-Y4ZxhWsYpTEG286cbLgR_OocqYAudTPp666L97DNOvcXTeF3oAlUbnKy7CfL2XBR7n3Tf18iszD8N9OJO76lxIhDN5PcrLAmIV9zpwrjOJL2mp&sig=Cg0ArKJSzF3dawzyiPb-EAE&id=lidar2&mcvt=1000&p=140,200,390,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220112&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2605546845&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642539947593&rpt=229&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.posttoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9B33 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 125c919e4a9f41dab7954a4bec6b7cad6d0deb04742168e54fcbf0fa5a84a781

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 9B33 85 KB
37 KB 25ms
25ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0808dc2d2a687e420d40b158c5f88ff5241c36d014c36ee586744cfb9c5ed47e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 09:30:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 20 Jan 2022 00:23:53 GMT

GET
H2 200 45677523.jpg
s1.adform.net/Banners/45677523/ Frame 9B33 64 KB
64 KB 20ms
20ms Image
image/jpeg 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/45677523/45677523.jpg?bv=2

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ed71863744f9de012f6eb6b40b80de5e5e1b1e0ebd827b78c9d1998a2ebfbceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:05:48 GMT
last-modified: Thu, 03 Jun 2021 09:18:14 GMT
server: nginx
etag: "60b89e56-ffcf"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 65487

POST
H2 200 /
track.adform.net/csimpr/ Frame 9B33 35 B
503 B 20ms
20ms Ping
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=52550208&csi=boZarlj1L9VjLErrsuVsb3d5DYmBSaGQSuJRXiRrDMrZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:48 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F18 0
442 B 161ms
77ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=fb.1622,e2e.2079,fs.1583,reqs.1584,ress.1622,rese.1623&srt=40&e=&id=csi_pagead&gqid=&qqid=CMPGi5GavPUCFZ6VdwodBc4L4g&rt=lb.149,ol.457

Requested by

Host: www.posttoday.com
URL: https://www.posttoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET placementbid.json
an.facebook.com/v2/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 21 KB
7 KB 175ms
146ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.posttoday.com
URL: https://www.posttoday.com/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

7bcd803e6a6fa16afd41765ac77b036c331958489f73f6df8c040d1d24406f6d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.posttoday.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 18 Jan 2022 21:05:49 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 03e6c7b5-9cff-4a65-8606-23c74639d27c
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.posttoday.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1486 35 B
503 B 20ms
20ms Ping
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@46688784,4897882783024833196,0|0|0|0|0|0|0|0|0||0|1|1538|cfbbf6f6-2911-4c07-8b1d-2622108a982a_1|||1|0|0|pSWgDinGSOri5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:53 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1F18 35 B
503 B 21ms
20ms Ping
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@52550208,4728964787310960122,0|0|0|0|0|0|0|0|0||0|1|1538|2852dad1-51a9-4823-8e83-76c46f410daa_1|||1|0|0|HgdOgH1fkFfi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:53 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9B33 35 B
503 B 20ms
20ms Ping
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@52550208,9100257560751940479,0|0|0|0|0|0|0|0|0||0|1|346|9f7511f7-bce7-4122-8845-482e19bb96dc_1|||1|0|0|HgdOgH1fkFfi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 21:05:53 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1

Domain: an.facebook.com
URL: https://an.facebook.com/v2/placementbid.json?placementids[]=791835647872509_791842231205184&placementids[]=791835647872509_1115550792167658&placementids[]=791835647872509_1115549222167815&adformats[]=300x250&adformats[]=300x250&adformats[]=300x250&testmode=false&pageurl=&sdk[]=5.5.web&sdk[]=5.5.web&sdk[]=5.5.web&pbv=1.10.0

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.posttoday.com/	1970-01-21 00:15:39	Name: pt_37jtdo74 Value: uid=gqy1JoPoMY-tUWjcGpy9Aw&nid=1&vid=DybT27iB3/ghdBW0tYc6Mw&vn=1&pvn=1&sact=1642539946408&to_flag=0&pl=dOhQAhMg2VPLKlJNP0SUdwpt1642539946408
.posttoday.com/	1969-12-31 23:59:59	Name: pt_s_37jtdo74 Value: vt=1642539946408&cad=
www.posttoday.com/	1969-12-31 23:59:59	Name: _grf_vis Value: 1
.posttoday.com/	1970-01-20 02:25:15	Name: _fbp Value: fb.1.1642539946895.315807684
.vk.com/	1970-01-20 09:06:10	Name: remixlang Value: 6
.posttoday.com/	1970-01-20 17:46:51	Name: _ga Value: GA1.2.1112625021.1642539947
.posttoday.com/	1970-01-20 00:17:06	Name: _gid Value: GA1.2.585440306.1642539947
.th.giraff.io/	1970-01-20 09:01:15	Name: gid Value: rBYAEWHnK6uG6HHPDwS3Ag==
www.posttoday.com/	1970-01-20 09:01:15	Name: _grf_uid Value: 14150766
www.posttoday.com/	1970-01-20 00:17:06	Name: _grf_cm Value: 1
.posttoday.com/	1970-01-20 00:15:40	Name: _gat_UA-8091193-2 Value: 1
.posttoday.api.useinsider.com/	1970-01-20 00:17:06	Name: insdrPushCookieStatus Value: true
.posttoday.com/	1970-01-20 09:01:15	Name: _hjSessionUser_596629 Value: eyJpZCI6ImYzYTAyOGM2LWNlYTQtNTcxOS1iYjE1LWY0Y2Y2MzlhOTkzMCIsImNyZWF0ZWQiOjE2NDI1Mzk5NDY4MTEsImV4aXN0aW5nIjpmYWxzZX0=
.posttoday.com/	1970-01-20 00:15:41	Name: _hjFirstSeen Value: 1
www.posttoday.com/	1970-01-20 00:15:40	Name: _hjIncludedInSessionSample Value: 1
.posttoday.com/	1970-01-20 00:15:41	Name: _hjSession_596629 Value: eyJpZCI6IjJhMmNjYmY3LTBhYWUtNDBmYS1hYTA0LTFiMzM3MzgwYzRjZiIsImNyZWF0ZWQiOjE2NDI1Mzk5NDcyNjIsImluU2FtcGxlIjp0cnVlfQ==
.posttoday.com/	1970-01-20 00:15:41	Name: _hjAbsoluteSessionInProgress Value: 1
.posttoday.api.useinsider.com/	1970-01-20 00:17:06	Name: push-request-sent Value: true
.posttoday.api.useinsider.com/	1970-01-20 08:54:03	Name: native-permission-impression Value: true
.truehits.in.th/	1969-12-31 23:59:59	Name: ck3rdparty Value: 1
.posttoday.com/	1969-12-31 23:59:59	Name: _cbclose Value: 1
.posttoday.com/	1969-12-31 23:59:59	Name: _cbclose3975 Value: 1
.posttoday.com/	1970-01-25 20:29:45	Name: _uid3975 Value: 5ECD7710.1
.posttoday.com/	1970-01-20 00:15:41	Name: _ctout3975 Value: 1
www.posttoday.com/	1969-12-31 23:59:59	Name: verify Value: test
.uuidksinc.net/	1970-01-20 09:01:15	Name: jcsuuid Value: Cem8CsLZUnmbqhtkpamN
.doubleclick.net/	1970-01-20 09:37:15	Name: IDE Value: AHWqTUk8fxaCmprT_zmbBsbkGTUw-5YLk-MWryW1yW_CXNAUiaHwVY2qSE6E6HYyY5s
.truehits.in.th/	1970-01-20 02:42:18	Name: truehitsid Value: k083oRSm
.doubleclick.net/	1970-01-20 00:15:40	Name: test_cookie Value: CheckForPermission
.posttoday.com/	1970-01-21 20:03:39	Name: ka_iid Value: 9oc3Ji7GdfwjM5YyUj8ACU
.posttoday.com/	1970-01-20 00:15:41	Name: ka_sid Value: TELyeqEx1cW2Dw4YarN4fH
.casalemedia.com/	1970-01-20 09:01:15	Name: CMID Value: YecrrAzFQncdRxAfvqNBVQAA
.casalemedia.com/	1970-01-20 02:25:15	Name: CMPS Value: 3270
.casalemedia.com/	1970-01-20 02:25:15	Name: CMPRO Value: 1167
.casalemedia.com/	1970-01-20 00:17:06	Name: CMST Value: YecrrGHnK6wA
.w55c.net/	1970-01-20 09:45:54	Name: wfivefivec Value: iqANLQnQ1N9VFO5
.w55c.net/	1970-01-20 00:58:51	Name: matchcasale Value: 5
.posttoday.com/	1970-01-20 09:37:15	Name: __gads Value: ID=38300168a99063eb-22007add22cd0095:T=1642539946:S=ALNI_MbpzHZrfboQ0sJarekwi_C3fo-lzg
.owneriq.net/	1970-01-20 17:46:51	Name: si Value: Q6958263481291830557
.owneriq.net/	1970-01-20 00:30:03	Name: p2 Value: cc
.yahoo.com/	1970-01-20 09:01:37	Name: A3 Value: d=AQABBKwr52ECEJtofQUWj_4n6hNyRDyQw_MFEgEBAQF96GHxYQAAAAAA_SMAAA&S=AQAAArClf7eiYBmMgUS4uzULCk0
.bidr.io/	1970-01-20 09:44:09	Name: bito Value: AAIvGk7DzlcAAEEcmY5uKQ
.bidr.io/	1970-01-20 09:44:09	Name: bitoIsSecure Value: ok
.crwdcntrl.net/	1970-01-20 06:44:28	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 06:44:28	Name: _cc_id Value: d4d1a9e380a4ec8f654b7f6f0e9f9ea
.crwdcntrl.net/	1970-01-20 06:44:27	Name: _cc_cc Value: "ACZ4XmOQTzFJMUy0TDW2MEg0SU22SDMzNUkyTzNLM0i1TLNMTWQAgsTn2mtANBQAAGG5C24%3D"
.crwdcntrl.net/	1970-01-20 06:44:27	Name: _cc_aud Value: "ABR4XmNgYGBIfK69BkhBAQAagwIg"
.casalemedia.com/	1970-01-20 09:01:15	Name: CMRUM3 Value: 1f61e72bac05a00&c461e72bac05a0&dd61e72bac2760&f161e72bac05a0&e661e72bac2760&4961e72bac05a0&2f61e72bac2760iqANLQnQ1N9VFO5&5861e72bac05a0&2761e72bac0b40&2d61e72bac2760CAESEPwdOEzFmvYr-8VWEcyfKjY&c361e72bac2760av-83e519ad-7086-446c-9003-38aceeaaeced&ce61e72bac05a0&6f61e72bac05a0&b061e72bac05a00&8261e72bac2760AAIvGk7DzlcAAEEcmY5uKQ&2e61e72bac05a0
.adnxs.com/	1970-01-20 02:25:15	Name: icu Value: ChgIrcRHEAoYASABKAEwrdecjwY4AUABSAEQrdecjwYYAA..
.adnxs.com/	1970-01-20 02:25:15	Name: uuid2 Value: 3432784025511940221

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.posttoday.com/v5/assets/images/bg-wuhan.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.posttoday.com/v5/assets/images/icon-confirmed.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
javascript	error	URL: https://www.posttoday.com/ Message: Access to XMLHttpRequest at 'https://an.facebook.com/v2/placementbid.json?placementids[]=791835647872509_791842231205184&placementids[]=791835647872509_1115550792167658&placementids[]=791835647872509_1115549222167815&adformats[]=300x250&adformats[]=300x250&adformats[]=300x250&testmode=false&pageurl=&sdk[]=5.5.web&sdk[]=5.5.web&sdk[]=5.5.web&pbv=1.10.0' from origin 'https://www.posttoday.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://an.facebook.com/v2/placementbid.json?placementids[]=791835647872509_791842231205184&placementids[]=791835647872509_1115550792167658&placementids[]=791835647872509_1115549222167815&adformats[]=300x250&adformats[]=300x250&adformats[]=300x250&testmode=false&pageurl=&sdk[]=5.5.web&sdk[]=5.5.web&sdk[]=5.5.web&pbv=1.10.0 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

433fb3a8d227c19b8fbb75bd58fa7439.safeframe.googlesyndication.com
a.giraff.io
a2136.casalemedia.com
a5264.casalemedia.com
ads3.bangkokpost.co.th
adservice.google.com
adservice.google.de
an.facebook.com
anymind360.com
assets.api.useinsider.com
bcp.crwdcntrl.net
c1.adform.net
cdn.thelead.tech
cm.g.doubleclick.net
code.th.giraff.io
collect.ptengine.jp
connect.facebook.net
connect.ok.ru
connect.thelead.tech
data.th.giraff.io
dsum-sec.casalemedia.com
eitri.api.useinsider.com
get.optad360.io
graph.facebook.com
gu.dyntrk.com
hit.api.useinsider.com
ib.adnxs.com
jp-u.openx.net
js-sec.indexww.com
js.ptengine.com
location.api.useinsider.com
log.api.useinsider.com
lvs.truehits.in.th
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
nep.advangelists.com
pagead2.googlesyndication.com
pm.w55c.net
posttoday.api.useinsider.com
posttoday.com
pr-bh.ybp.yahoo.com
px.owneriq.net
rtb.com.ru
s.amazon-adsystem.com
s.uuidksinc.net
s1.adform.net
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
segment.api.useinsider.com
ssp.adriver.ru
ssum-sec.casalemedia.com
stat.media
static.hotjar.com
static.posttoday.com
stats.g.doubleclick.net
sync-tm.everesttech.net
tpc.googlesyndication.com
track.adform.net
ups.analytics.yahoo.com
vars.hotjar.com
vc.hotjar.io
vk.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.posttoday.com
www.settrade.com
an.facebook.com
sync-tm.everesttech.net
101.32.249.128
104.111.242.53
118.67.80.91
142.250.185.162
142.250.186.130
15.197.193.217
169.197.150.8
18.156.0.31
18.196.197.61
18.66.122.82
18.66.139.117
18.66.97.10
185.162.95.67
185.170.60.167
185.170.61.205
185.33.220.100
185.33.220.241
195.161.16.148
2.18.234.21
2001:41d0:404:200::32ab
2001:c00:4618:2006::1122
202.183.165.226
203.154.37.199
203.154.37.221
203.154.91.10
209.54.177.54
217.20.147.3
2600:9000:225e:ec00:11:a4de:2580:93a1
2600:9000:236e:9600:14:3d35:8f40:93a1
2606:4700:10::ac43:1ac7
2606:4700::6811:a872
2606:4700::6811:aa72
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:110:face:b00c:0:2
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:200::645
2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d
31.220.27.134
34.98.64.218
37.157.2.236
37.157.4.23
37.157.6.235
45.60.46.141
51.178.20.140
52.204.62.148
52.215.102.174
52.222.236.122
52.30.38.36
81.222.128.214
83.222.114.188
93.186.225.208
009ab3d50ca3651a5697f8ef010fd782f6c0c32beeef7c16ae2f91e62d9617bf
00af82e07813af922e7e472b5a1a4deb3c36fb4aba67fd841ac895c96d9afc84
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
041f17176aaa32b62cdc5f2a233eb4fa88ee9836d775bc7c3a55b09dd55522c3
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
04b86d6052c47bd4cde8c28ed7169f48081aef36b074fa9e1962665a661c1316
0686c2e0b058140463ba24aac3cbdb9c8c8b6daba8a56a770f282f37008ca0b9
075e148cb8acb1b10069f3e3969b55163d5f893ace17b9e26ff7f4b8c9ce2e71
080836cfc3944eba3c36519331fe51e2268b4e087ccb372d7b60621a5f1a680f
0808dc2d2a687e420d40b158c5f88ff5241c36d014c36ee586744cfb9c5ed47e
091639744bb14e525868e3a77db438ded0f4979d6d978159e30e9882337ee4cf
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0ae298f2509111b6eff0a258cb53fafcd63adbacfef38e453f46d7ff50edc24e
0b44d660052fee1ed7ad23e4421c8455ac0616c2aaf7522c2862e1e7645fc10d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c70dea7f7ae178cc658f383f959806d1c2476ffaaadc90e591a5a542746e306
0e4d3da8c8ba38836f2c4d4cd54d41167e9ef8807d6ece5e8f9ad45f6af2a263
0fc0a22e5e67c95d02c389a1454acc67df53e2f6a46af739f3eac7e352644751
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
124eb255d92ac5357ff4362e843affd06dc1fbebbb4d48346eb909158ba4807b
125c919e4a9f41dab7954a4bec6b7cad6d0deb04742168e54fcbf0fa5a84a781
13ace358b54fba8a340692970cd0b9b7218bae1c2cb543fb44397d857d710268
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c2beae6b782df3108556bce9ea486d9199d2ba8a2030b793157671251db626a
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
2048205493b3f66f2dbf9e268d9a3e1a0df6b676d87faff7a297470cde4ee77f
2278cada41d2bcc06dfa905b1e859133291c58dc7fb209a57f9f5d02c11a92e5
22c36221393484dc267d14346481e0780b0dac4fe2e42b64ef12dff2ee3711c2
22ecaa4f37ea3970ea41ffbc7c7a1dc1225e7405e47b6ac1df1cbf7145938214
2885fdd84c44f8a95e9e235fe12a02825f51128378919036587582bcd940ab44
2a082f30e174e99ffe0951438a98b548ae364188f2ffb7f8ba9a454a52fbe8e7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3062e35474704cb41a1a55205f0338aa7d2526b3f4f24678b315f6ffc4b60262
35b43182d645970f9115ab9e6d5448c5a9123dcb0fa1b5ba11ad77a50b78f67c
3ad2c2c669dba9e4621ac7680295690290253db3d7313241ee068e65684fe0b9
3b2c5e3232f48afaf0db3f38d6152d4d88eac8801a1b38b3e14188b754691065
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3f50f6c1f9d758df436c783d2722089144a04f12c42db8f1829b90263fa625de
40a718625059c0570de60e75c16c0320c95889ac945594cd7c797cda90431e25
41a7355e848938453b05976c539fcd8da0b14a8d400c6715229ce13b34fb1f1b
4247a06a2db9b19dc18c180de3b04c5bb958f333a26761167047f8929cda047c
43f5160aa6bddeb7253e113f6f5a2e1ac41ed489f078374e63e55e95a2516368
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
45e7f24007b553b7cc21e8fe4c59f7d9c3e56b98c18362ef8d4007dbd3bb3a71
4650c90ac5f9c6689b359d0a534a2685d016111b2cbcb4fc0756cc3f5ec4400e
475d643cbb1be6f993df720f6a784ced139b859624eacd93802d08332c85d978
4789103b86b2a3999aa656dc4cdc7b829460a72a7e1a2d34e7d5a25bb11cdab5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
496ef69e5dea691fb66d1a05604643b36d09b484352a1e579b05363a31332c27
49cd935f447656faac77c91fa4a75b2f57e8c2a0934c6eed3549cf8d04ade2bc
4d60047d766f93cf65c5a7d2128fcaa3b8a004476822b221eaea253754087e00
4dfa3242e71686516c2c489dfaa6427bf0c27b183b5acd14bec31259aad55151
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3dce90491e78a544fb576daf0acf72adb27d7b499e80d3c0436469211fc14e
5061a48f48001768acf5e74d06a12779d4dcd1bc40e356729c8f531d751d8fa7
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
53a16f3bca01a4bf8a9f5bfcdecaf6c5c68524c1a0b4e9df94fb452efb2e3e4c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5582b0b280d58842b657deed4801f07ea694cf30f55cfb512848a51b2920be49
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
59e2112dc4823be587500d697b9a932b0276b440a124606c49db297ca0a6ec5e
5e3bd4a5471e9cfb88d2638ad0631a774b09937fe39a3e9090082758a1f1ed29
67c6bf75cea17cee4980aeee2683b2e49c591b55b607d002dbcb838bc8749c80
69a22727b4179b24b8061b144beb1975a5860f8fed8000080228707674a14ecb
6dbe21e988ef4bde9e42b6733d1b28475308c5394eaeb0d19ea3d60f865a54dd
6fa6980399324673ac53f46837c50b75d0a40fe4f4776f2e6c3839db17de198c
6fd3e1b4fcf15dea30fbf3ae4de901e3d48bca5c4ff78cce29b2440c198c8e2c
722e750231d59aad95a9ba4bbaebc2729d1ba22595eda94ce9ba3f68f75f4c1c
743dffe53c5935232766363ab71dc2b8a37fd2a1dc3931f61f4f54c7e478995a
759322b994d2111aee5195cf737fa1b54bb7c2baea27da20eee169b684591c2a
78298ec49ddf609c8173959e797066c78385a564fd11ba32d03f0c19082c6823
78410e5eb70b4e9990d945c187a14f72c3e120095cd6a98854686954c358ac73
7bcd803e6a6fa16afd41765ac77b036c331958489f73f6df8c040d1d24406f6d
7d421659e5dd95ed52e788b547d0aea16ac0a3206a6a563d5d3d1ea4cd711938
7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db
7efae2eab2d7f14a8938bfc77d598c75534a9a8fdcb60103d5603e12771e68fb
81c51567c8e62fcaee19b8c95a0ce8d206c72e89dfa871134cbef2ed31ee42e4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88b64e35a757c98dc1f37c8985aa47ebcc1aa69ef9cb19ae9f71e546dd9e17f9
898c81582832aa91b2d0b3a6454183112dae1f9207aafd305fa3aa4a42af6f53
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ed1ba4855d6f4da0ac3a8e36ba72de616f5348eee28229eef311e3ac075436b
8f4d1afe69926429f7b52428ac4df1cf1d174fd32f36de2db11cbcce81e11068
8fcbe0885b3adebbaab7e5b0bf75bd13ccfdf4b08897b3662627a5f510e7d61d
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
937cbe2e073226ee72f9e438b21aa436d03dada97616c56c338cce8414a41827
93f5d53bfa0db4bcbda5c24c5854c79f05fa32379c84969aba2749d208cb31ed
940910ba244bf102e4c493b9bd17a454beb20a2f68d580407f2b681a3881cca4
94473eba041563e17a4b85192267136a1dd31805805a4eb33e092d16b6b13c76
959c5ebe7790086f9710340dcd91c6243875ca1a9a6d74c260ca2213a288e5b0
95e00d8064f0834cef0741004185456de02ce684fe46ed29d3c798ac66fc394c
97194010d2e42471b725d5b8a229160262765f434b6a0c82165e3ff35554f1eb
98156b1e259cce75cc79919f806650e15c2e2362f57f929e00dc55290bfefc68
9a6c61699f72d8b1b079967da693a58134229457ac8f32a39ef42bb6da57e1a8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a382852d715c5555d4bc5d3abf5e7d6c21a7a755604e254b129e73c562fbdfe1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a7241608256d88ffab1bd33bdfbf937910aa6759a1fafff64e551d4f1bda8ecb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b29eadf4dd579e67e64030c3bac21a6d40eceb42122c67ea046180627dafc1fd
b9734112598bbb0fc8b5b453c37c2dbc8c9aa3902e49bccf6b144113478ceeed
b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163
baa20b3424b293a262ff447461b496382d3911b177c641b6775fcf663700f6bf
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9cca91b748dc07f8b46d042f9ccc9eeafddbed50db75b45a01ba09f73adc280
ca95f44dc4d56a7d4d00e625c85994e0a1009b9755bb3e54a81b8d2240315733
ca9aca2116420e96bd190c9c8e464ccbdd4b34f621433179a28193e6cfea1c78
caedfb914856a2599d978d3c481f2702a1ef61eebbffc0e7939f0f0f77183e5e
caf6402386047d4b5898d99b30bb020045d28a629e678ec91a5c3799dac7275b
cbb78617d744c8b0d8b87ab234850064deafa51dc5d581918d6b13c86cc4d8bd
d05513e2959ea11614045121e853a8e882695f0eb5d7291155106f7eec6bdf9e
d2d5e1fa3a474720086cf538ca07ab1c43b692f3be86f0402becca4c21f89ff2
d366bf0c07f62d65646fb3634fca7387ff49319dafae9c290685570fd445ba61
d396da88103942201281b39de7e7be387ee5dfb78de01e7f8fef818017c38efc
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
d6d38f11b1a4207f3e78042eb868b8441aa9dbd2a66704cdf7c890d45c54e379
dbfb3626a3ecad483b328cf8b3ae41210c7fd27a87655cbb5f8b5195ecb7cc1f
dc12e547af41dc4ef092b0914eda8547959e6ce0300777ddd64b18286cf4ad92
dc1824c6554dbad1db4599306ee770d637c71eae97f9ff407255e737d0fb83c3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2175c26f2625ea713115d2d5e8ca79244ee47c86e9dcfec7296490273b6c430
e3a1cc912d130bc0d7b87c6dce344372d5fc0bb63098978a285f462bca413d55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43665cec3565148d5fd76a80288a849431a522cd7c82ac9d3dc9bc7aaca70ac
e438ac631f8be89311c71f2bd535b458310cb08eca53b1a8da45176af9970e03
e75f38fb2fa126114608a97476d277c868bd9ed6b8de38ded7b3fd8e4ffe73c3
e869100122e225887e2c7a45b0b95cd3a969b084afa234c09fdce8d6810cc72b
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
e8e3fae3b7c8d4441fed4f4455c9380c03218f82312eeaf4a7bc3ee2b83047da
e9fa897c6390967a96c17c67575b425662e0d28528d9f4c70a1aa90ea5c9184c
ea5d0df436659b13843191d1ff57859e2c75117b9332a8afa8e2422001877c99
ebae05c63d00cd09a46fb74fdd63a91785a456f274d530e40db88104d65ffa95
ed343b39aa0f872a793e3b8e4dba08b5dc4349872f180544efe8eb7784c29925
ed71863744f9de012f6eb6b40b80de5e5e1b1e0ebd827b78c9d1998a2ebfbceb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22848f3d56bfcdc113ca469e84be99e79e5185b1233d9a9713759bf9c6ccfbd
fa7068b754385abd7b6ab7417cfd1625356653a0b2a939c7aab741a8b3fc659a
fddda23f711f28038cc34b216d5278692a4a93631433d3b90540981d1422e1b9
feb9c6eb8d050c8dbd37869c11d3e27482c106ec0124899776f05d64e7197ff8
fffb9e1dd2f4243b5363d2ef1082f5fec14d1fba91bfc396d00c514b9f0a4891

www.posttoday.com Open in urlscan Pro 2001:41d0:404:200::32ab Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

208 Requests

95 %HTTPS

36 %IPv6

44 Domains

72 Subdomains

57 IPs

12 Countries

4508 kBTransfer

7864 kBSize

50 Cookies

15 Outgoing links

Page URL History

Redirected requests

208 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.posttoday.com Open in urlscan Pro
2001:41d0:404:200::32ab Public Scan

Screenshot
Live screenshot

Full Image

208
Requests

95 %
HTTPS

36 %
IPv6

44
Domains

72
Subdomains

57
IPs

12
Countries

4508 kB
Transfer

7864 kB
Size

50
Cookies

208 HTTP transactions
10 data transactions