cytoday.eu Open in urlscan Pro
148.251.165.175 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://cytoday.eu/
Submission: On May 19 via manual (May 19th 2023, 7:08:21 am UTC) from CY — Scanned from DE

Summary HTTP 299 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 31 domains to perform 299 HTTP transactions. The main IP is 148.251.165.175, located in Germany and belongs to HETZNER-AS, DE. The main domain is cytoday.eu.

This is the only time cytoday.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
55	148.251.165.175 148.251.165.175	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:20:... 2606:4700:20::ac43:4b95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3037::ac43:d57a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2606:4700:20:... 2606:4700:20::681a:931	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	95.216.18.154 95.216.18.154	24940 (HETZNER-AS) (HETZNER-AS)
4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3034::6815:4466	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.240.50.85 35.240.50.85	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	213.133.111.3 213.133.111.3	24940 (HETZNER-AS) (HETZNER-AS)
10	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	148.251.165.170 148.251.165.170	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	116.203.90.127 116.203.90.127	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:9017	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	136.243.19.70 136.243.19.70	24940 (HETZNER-AS) (HETZNER-AS)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
10	2606:4700:303... 2606:4700:3032::6815:a86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
6	116.202.46.88 116.202.46.88	24940 (HETZNER-AS) (HETZNER-AS)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2620:1ec:29:1... 2620:1ec:29:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	130.211.44.5 130.211.44.5	15169 (GOOGLE) (GOOGLE)
32	2606:4700::68... 2606:4700::6812:ae65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
299	36

55 148.251.165.175 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.175.165.251.148.clients.your-server.de

cytoday.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cytoday.com.cy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cytoday.com.cy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b95 (United States)

ASN13335 (CLOUDFLARENET, US)

www.termsfeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::ac43:d57a (United States)

ASN13335 (CLOUDFLARENET, US)

omegalive.com.cy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::681a:931 (United States)

ASN13335 (CLOUDFLARENET, US)

www.tothemaonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.tothemaonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.18.154 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: hel.com2go.org

akousa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.com2go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:4466 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.exitbee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.240.50.85 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.50.240.35.bc.googleusercontent.com

s.exitbee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-fra5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.133.111.3 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: smtp1-1.xtenzio.com

xtenzio1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tothemaonline.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.165.170 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.170.165.251.148.clients.your-server.de

com2go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.90.127 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.127.90.203.116.clients.your-server.de

cdn.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:9017 (United States)

ASN13335 (CLOUDFLARENET, US)

tothemaonline.os.tc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 136.243.19.70 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dagr.com2go.org

adsbydelema.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3032::6815:a86 (United States)

ASN13335 (CLOUDFLARENET, US)

delivery.ced.cy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

gml-grp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 116.202.46.88 (Weng, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.46.202.116.clients.your-server.de

servedbyadbutler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wlstoiximan.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700::6812:ae65 (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	tothemaonline.com www.tothemaonline.com images.tothemaonline.com	2 MB
34	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	203 KB
32	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 8530	327 KB
29	cytoday.com.cy cytoday.com.cy www.cytoday.com.cy	278 KB
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 Failed 7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132	576 KB
26	cytoday.eu cytoday.eu	541 KB
13	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	686 KB
12	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2230	183 KB
10	ced.cy delivery.ced.cy — Cisco Umbrella Rank: 940040	173 KB
10	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3537 onesignal.com — Cisco Umbrella Rank: 1386 tothemaonline.onesignal.com	220 KB
9	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 797 scontent-fra5-1.xx.fbcdn.net — Cisco Umbrella Rank: 12153	159 KB
6	servedbyadbutler.com servedbyadbutler.com — Cisco Umbrella Rank: 14785	162 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	991 B
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	202 KB
4	eacdn.com wlstoiximan.eacdn.com — Cisco Umbrella Rank: 140105	8 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 486 rtb0.doubleverify.com — Cisco Umbrella Rank: 702 rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 18271	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	260 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	15 KB
3	adsbydelema.com adsbydelema.com	75 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 320 fonts.googleapis.com — Cisco Umbrella Rank: 35	90 KB
3	exitbee.com cdn.exitbee.com — Cisco Umbrella Rank: 43323 s.exitbee.com — Cisco Umbrella Rank: 45793	21 KB
3	omegalive.com.cy omegalive.com.cy	119 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	126 KB
2	gml-grp.com gml-grp.com — Cisco Umbrella Rank: 54059	2 KB
2	com2go.com 1 redirects com2go.com www.com2go.com	273 B
1	os.tc tothemaonline.os.tc	714 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 9037	531 B
1	cookie-script.com cdn.cookie-script.com — Cisco Umbrella Rank: 28462	50 KB
1	xtenzio1.com xtenzio1.com	819 B
1	akousa.com akousa.com	404 B
1	termsfeed.com www.termsfeed.com — Cisco Umbrella Rank: 68874	56 KB
299	31

	Domain	Requested by
32	c.bannerflow.net	cytoday.eu gml-grp.com c.bannerflow.net
32	www.tothemaonline.com	cytoday.eu www.tothemaonline.com
29	securepubads.g.doubleclick.net	www.tothemaonline.com securepubads.g.doubleclick.net cytoday.eu www.googletagservices.com 7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com
26	cytoday.eu	cytoday.eu
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net 7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com
18	www.cytoday.com.cy	cytoday.com.cy
13	www.googletagservices.com	securepubads.g.doubleclick.net 7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com
11	cytoday.com.cy	cytoday.eu
10	delivery.ced.cy	cytoday.eu delivery.ced.cy www.tothemaonline.com
10	www.google-analytics.com	cytoday.com.cy xtenzio1.com www.googletagmanager.com www.tothemaonline.com
7	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
7	pagead2.googlesyndication.com	cdn.exitbee.com www.tothemaonline.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	servedbyadbutler.com	cytoday.eu servedbyadbutler.com 7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com www.tothemaonline.com
6	cdn.onesignal.com	www.tothemaonline.com cdn.onesignal.com tothemaonline.os.tc tothemaonline.onesignal.com
5	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	connect.facebook.net	www.tothemaonline.com connect.facebook.net
4	wlstoiximan.eacdn.com	gml-grp.com
4	www.googletagmanager.com	www.tothemaonline.com www.googletagmanager.com
4	images.tothemaonline.com	www.tothemaonline.com
4	www.facebook.com	cytoday.eu www.tothemaonline.com
3	adsbydelema.com	cytoday.eu www.tothemaonline.com
3	onesignal.com	cdn.onesignal.com
3	omegalive.com.cy	cytoday.eu
2	s0.2mdn.net	delivery.ced.cy
2	cdn.doubleverify.com	securepubads.g.doubleclick.net cdn.doubleverify.com
2	gml-grp.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fonts.googleapis.com	www.tothemaonline.com
2	scontent-fra5-1.xx.fbcdn.net	www.facebook.com
2	s.exitbee.com	cdn.exitbee.com
1	rtbc-ew1.doubleverify.com	cdn.doubleverify.com
1	tothemaonline.onesignal.com	cdn.onesignal.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	tothemaonline.os.tc	cdn.onesignal.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	cdn.cookie-script.com	www.googletagmanager.com
1	www.com2go.com	cytoday.eu
1	com2go.com	1 redirects
1	xtenzio1.com	cytoday.com.cy
1	ajax.googleapis.com	www.tothemaonline.com
1	cdn.exitbee.com	cytoday.eu
1	akousa.com	cytoday.eu
1	www.termsfeed.com	cytoday.eu
299	46

This site contains links to these domains. Also see Links.

Domain
www.cymedia.eu
www.cytoday.eu
www.sportsbreak.com.cy
www.novosti.com.cy
www.com2go.com

Subject Issuer	Validity	Valid
termsfeed.com Cloudflare Inc ECC CA-3	`2023-04-26` - `2024-04-25`	a year	crt.sh
omegalive.com.cy E1	`2023-04-24` - `2023-07-23`	3 months	crt.sh
cytoday.eu cPanel, Inc. Certification Authority	`2023-05-08` - `2023-08-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-08` - `2023-11-08`	a year	crt.sh
akousa.com cPanel, Inc. Certification Authority	`2023-05-08` - `2023-08-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-25` - `2023-05-26`	3 months	crt.sh
exitbee.com GTS CA 1P5	`2023-04-19` - `2023-07-18`	3 months	crt.sh
*.exitbee.com SwissNS TLS Issuing RSA CA R1	`2022-05-22` - `2023-05-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
xtenzio1.com R3	`2023-04-30` - `2023-07-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-18` - `2023-09-18`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
adsbydelema.com cPanel, Inc. Certification Authority	`2023-04-30` - `2023-07-29`	3 months	crt.sh
ced.cy GTS CA 2P2	`2023-05-19` - `2023-08-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
gml-grp.com E1	`2023-04-30` - `2023-07-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
servedbyadbutler.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-01-03`	10 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
ia-prod-azurecdn.eacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-29` - `2023-11-30`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 49 frames:

Primary Page: http://cytoday.eu/
Frame ID: 248D6E21A2BDB0B8E8A33C8877905C38
Requests: 34 HTTP requests in this frame

Frame: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=75&zoneid=5&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: 44B603752D15B59EFD4BFBC84AFF2296
Requests: 4 HTTP requests in this frame

Frame: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=65&zoneid=18&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: 895E11C03E137FE2D0016E25194C18B4
Requests: 4 HTTP requests in this frame

Frame: https://www.tothemaonline.com/
Frame ID: 662B6FA7791F0E9C405BF5AA716E2200
Requests: 69 HTTP requests in this frame

Frame: https://akousa.com/
Frame ID: 5DE7BE72640F46EE9A00B210F524893F
Requests: 1 HTTP requests in this frame

Frame: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=90&zoneid=6&target=_blank&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: 698BF859AC83D4C323ACF8201E1CA8C4
Requests: 2 HTTP requests in this frame

Frame: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=120&zoneid=59&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: 6E43E35AD83E23EA1397D433F4227AD0
Requests: 4 HTTP requests in this frame

Frame: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=90&zoneid=8&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: BE50528838F0730D1D4DCED3A520400B
Requests: 4 HTTP requests in this frame

Frame: https://cytoday.com.cy/ads/www/delivery/afr.php?zoneid=9&source=90&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: 5A9C5CF5AA7EE957772503CED3028F36
Requests: 2 HTTP requests in this frame

Frame: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=120&zoneid=57&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: 57041425F74458D4C08FCE293BC56554
Requests: 2 HTTP requests in this frame

Frame: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=70&zoneid=4&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: BDA1D3525EB1795273315F0FA7E8465F
Requests: 4 HTTP requests in this frame

Frame: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=95&zoneid=7&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: 014639B5FF779FBA67A14679E462B4E7
Requests: 4 HTTP requests in this frame

Frame: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=100&zoneid=22&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: B46E71D899708C0F0D07D89F194E986B
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Ffacebook.com%2FCYtoday&width=300&colorscheme=light&show_faces=true&%20connections=15&stream=false&header=false&height=300
Frame ID: 0ECFEFA1B71649CC66A539B5A2F6BB16
Requests: 10 HTTP requests in this frame

Frame: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=120&zoneid=12&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: 3CA17960CD4D36A45725A0A88AC64A99
Requests: 2 HTTP requests in this frame

Frame: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=120&zoneid=59&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: BA0362F1FA692C6CAB4E6CAE20137C85
Requests: 1 HTTP requests in this frame

Frame: https://xtenzio1.com/newsview.php
Frame ID: 29C8808E22C42392E6736CDF7BCC365B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html
Frame ID: 00A5F8017B0DF5A7812FC5DCFBEF4F41
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1946006275855017&output=html&adk=1812271804&adf=3279755399&plat=1%3A147968%2C2%3A147968%2C3%3A2163200%2C4%3A2163200%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fcytoday.eu%2F&ea=0&pra=5&wgl=1&dt=1684480096394&bpp=7&bdt=1135&idt=373&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&nras=1&correlator=7459885805512&frm=24&ife=1&pv=2&ga_vid=1546676210.1684480097&ga_sid=1684480097&ga_hid=1182705147&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2773230960&scr_x=-12245933&scr_y=-12245933&eid=44792108%2C44759842%2C44759927%2C44759876%2C31074546%2C31074690%2C44788441%2C44792089&oid=2&pvsid=4158685256257974&tmod=213473809&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.cmvrw6aggsau&fsb=1&dtd=393
Frame ID: 31536D47D10C9D58E7ACB460475911E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1946006275855017&output=html&h=100&slotname=4023649764&adk=2185297144&adf=94566886&pi=t.ma~as.4023649764&w=300&format=300x100&url=http%3A%2F%2Fcytoday.eu%2F&ea=0&wgl=1&dt=1684480096401&bpp=2&bdt=1142&idt=430&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7459885805512&frm=24&ife=1&pv=1&ga_vid=1546676210.1684480097&ga_sid=1684480097&ga_hid=1182705147&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2773230960&scr_x=-12245933&scr_y=-12245933&eid=44792108%2C44759842%2C44759927%2C44759876%2C31074546%2C31074690%2C44788441%2C44792089&oid=2&pvsid=4158685256257974&tmod=213473809&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=2.filntamxjo4q&fsb=1&dtd=455
Frame ID: 9A78E0B9CDF2583F247572639EA8131F
Requests: 1 HTTP requests in this frame

Frame: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 717ABB93356D6732457865A76C231AE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1946006275855017&output=html&h=90&slotname=5694195407&adk=3963360467&adf=3160588074&pi=t.ma~as.5694195407&w=728&format=728x90&url=http%3A%2F%2Fcytoday.eu%2F&ea=0&wgl=1&dt=1684480096403&bpp=1&bdt=1144&idt=614&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&prev_fmts=0x0%2C300x100&nras=1&correlator=7459885805512&frm=24&ife=1&pv=1&ga_vid=1546676210.1684480097&ga_sid=1684480097&ga_hid=1182705147&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2773230960&scr_x=-12245933&scr_y=-12245933&eid=44792108%2C44759842%2C44759927%2C44759876%2C31074546%2C31074690%2C44788441%2C44792089&oid=2&pvsid=4158685256257974&tmod=213473809&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CenE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=3.s0epaex0wslw&fsb=1&dtd=619
Frame ID: 51A0A2AB12D72BAD57043B3601970A79
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1946006275855017&output=html&h=250&slotname=5147400497&adk=1406498851&adf=4038599406&pi=t.ma~as.5147400497&w=300&format=300x250&url=http%3A%2F%2Fcytoday.eu%2F&ea=0&wgl=1&dt=1684480096404&bpp=1&bdt=1144&idt=641&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&prev_fmts=0x0%2C300x100%2C728x90&nras=1&correlator=7459885805512&frm=24&ife=1&pv=1&ga_vid=1546676210.1684480097&ga_sid=1684480097&ga_hid=1182705147&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2773230960&scr_x=-12245933&scr_y=-12245933&eid=44792108%2C44759842%2C44759927%2C44759876%2C31074546%2C31074690%2C44788441%2C44792089&oid=2&pvsid=4158685256257974&tmod=213473809&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=4.8ld2ztsa3h3r&fsb=1&dtd=647
Frame ID: F102BE788123927DEE1CF36B1B3C9EBD
Requests: 1 HTTP requests in this frame

Frame: https://tothemaonline.os.tc/webPushIframe
Frame ID: FFC814906ECC48A60745CD529E089AE9
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ7YxhEOzTquKLYqUYmsa2OfILmUIrU3ff2jQydsGMpGg542p3MO6sTq_Ob6tkYT8x0_9g1M98Z4q6mAs1tSslWI6AP5yyDuA1aR3_uYHEuWsQKhaH-Oz3XrqcRcRRKBxUEjSL83bbWbsXHkSrorZ24JbyqM3kQLLs2fblJyVjHq08u82oPpn0lLtam3pWLAXtHeSVLa12MyuNCh7Nw9qMky88DMapgKTXw4L7r7pbeAKD-bqqwfHIJE_JYtkp3g_sl6MLuJ7DfJIRyU4kBRTDZ-VL2HCZnMw3BIFvw7qOhBl91UM81mIkAKdbdLhknYwLVVEzTP3ALru8VflP_iOly0HPzKkb4tF3--uE&sai=AMfl-YR2yddbcJkZ5l6L5FjAb3JhEO-tiIW3eotKIhdwieThlABirxKxbpHEJo360v_JbHr_FGQTQLMYIPwsolPyQ7fzA6bZOlU1FNGd-A&sig=Cg0ArKJSzEbkverdhZqZEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A4A8D2D082FBC43EA99477D557C0FE8A
Requests: 6 HTTP requests in this frame

Frame: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 13859D1BE98487C600B9618B0552D77D
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5ZJno8W3UH4ipeN0wPcPH-gAyGP0W5x-SD5f3gJji4hoorIzzXiw6Jqg5FYUB0vkaQPRxByHEB38PfRN7LDNLRMmj6Ft0PxcpsTdHratO_hR2_tQz0Tg0M1rTPbB_1IsblVubm8AeqO4PuKbI68fCRaDXWiFPztyKEoF5-qLRy9hCUB3OlW90So4ca1Gb2WTEhCWopXU3t1waVmUxsyuuMMY7vhYT-s9yqgBnVFW45BJt3PQfkfu8YUj9ws_dhdAuCB4uByDnHJy41Y_9sPQcbBT_v2kE0KHGV6RO4XsgcJ-ba3vxhZ101e5w37FINCCbBHh2icGjkpW-2iGD34C5dm_rK1Oq9ho7io26&sai=AMfl-YTkxIoDJYHU7hxsbhzwXumG9o7jEIamIv_iTc78XaaU9zNgZ7F_auZIYn351Jo0LDrnzSi54I-ygU_YPg5UlfM8y9kBBfgmbVDcJA&sig=Cg0ArKJSzFiUgDydjsscEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1C57E4B48D6E39D7FC6E97348C3C37DE
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstE30w7XKOUMekmMErSsXW6O22eiAyoFJcGg0CuFJ0a0KGiNBXG4ETQtmNA2edYOVXpkG8_dAlDD7eYSl_tY2lLCMIE2AiR0T6W3qcz3-nY0h_-SAa9XaBXpkVYh89AmNgxk3rv6Hh4P1qZ4G0eUDVuCLTfPekdEZJC8YBjNvkW1C-SRCGPi72jUy_SEEGnFXsY0r8Mg6KamEpjDhy6toDmpA7cTjWnaC_e8CI9MWgkdXbxJyEgq3RPrpF1VvDWOEGKu-7UuW7Qo1S-yrltK0xa5vapLYvYAg8A4m4syCuUbSooP2nJb8eFDltHQJvKw6CJkEu_JoGqTzsJs4JgTXL_3LjX0CZHzMYkv1SP&sai=AMfl-YQOP4A1V4Q6N4aLlsd-ruM5B-0prWJXmNkq9CkefV8Tk3fudM6l-oKZ5-Ru-cD0t6J_sDUyci9_zLwPyKqBvKUKdQCBdFpHbGlyow&sig=Cg0ArKJSzN1YkF2NRedfEAE&uach_m=[UACH]&adurl=
Frame ID: A13EE1DCE5CBC81407921778E05BAE8A
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuv3mRndV8rfbUHih7OHZk08svyvw5l6SC5yeUHwLS80tx0VU5kKJjLTBNAHm1N2pw3Z9T5-fntPQOvc-RbZkx8WwEAB4aAjeUBzRTszqqn2ZdMAB6ZY7k0ZU7zAhsZA8hTOW1HAUkrk6VTZsi0ig8tStn9gOfWmt72RFWDPFK3xb0DrMWS1Y6uyJKDdW2qfZVq3TNipmlse1hdyoT4cLZxpfnODi_JTfn4uK-ibR0gUPqV5JiJL5sPh8swSLSrSP7KlmuP3F3J0gZypk2nxyl8IQNKjvx-530zL5mbT9aApW76WmX9CowLPiaE75Qgfs166G4Sta0z1o_YY7iV1T6EpZZZOb9ZhD4kNNNF&sai=AMfl-YQytlHjEafsy9J7VHTOktxfJRXDmmrCZNH4U3Zfi8byIC01blrkQhi-m5-71xkchTYUKIPTDEYypy0lxjlzqXeSqX_4WtMt7ibl3A&sig=Cg0ArKJSzAlYdAiLSZ_SEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F70D5EE69F69CE4DB5459231D18868C8
Requests: 3 HTTP requests in this frame

Frame: https://gml-grp.com/I.ashx?btag=a_162b_1283c_&affid=162&siteid=162&adid=1283&c=
Frame ID: FEE84B05CB954B66DD3905C1E98B2FA6
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssj1irNVVDNmAfgZ0vimo6IGNfU2gptDouXnOYmwkq-W7X7W_nLRziXwCRzgRyJjUMSsFIobQdWa36iXE0GPDIHgEzciLGtwBLA0yCo9kAjJhFxSmu_P_DLYKnwsGCBBPbjW8CYi1FA4kXaTHytrcP4SnEXI7ceOsbQXnwSy10O4zXZ6-yiVolC6cGYPj-ZAZAhcPSybOoYM5YAi_u9eNRt90bHOLQ2dlOz7bqLclp0ufbSAmYc_wG7E-bj42AC8NmZMkuZADhJgzMa7bzpCNUL-T1QAogzP7ws-mqzqvZRezRFWU6J_ICamJfY2Zjv1egUFo25AyHH5VEdlcp-7H8ZPbeXiVDb9vO8lz4w&sai=AMfl-YQBIIeONX5IDMTtXvhpos1zI9Uz9MKvqeKt4ej6h0J6OAN-VqcwBtBdpnCdjg7xRnWfOJN5rg6N9O7pyvjnnu2lnM_IDlv7D_Esig&sig=Cg0ArKJSzK4dk1J9Fjb0EAE&uach_m=[UACH]&adurl=
Frame ID: 8017B2302D6AF60E00D5D3C3A3796FE2
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIOVTq3l-Dmcuoxj1tkMXFpet0BQQLw-xyXOJgBKzP5z19uGz1N0dpzHXJ0DhW2wzIVNp-vNwhplPVj65JaFeAc_1DDKtvhmA_Ct16ztaPctCRhEMt0-EKPhNtWmnOHx3xQcV-eEpgiR2GX78XTm1UKh_kxBsE9xJ4VG6ybOW5rJYDhA_rec9aapspU6vqJtftztcmLdRWZPK-ftX_1Q-k39MzWgfsw170-gfJK6GQiamzFt1bVD_sBbps2PrfF0yf4e5FKwv85p4yWXFZgWTE5bApsZ9kklt2u4V8XQLQtlGrNS8BdHsctBrmwpZ9na1A-trS5l7bt3DKJ6Wwtu9eM99KpaTEvA&sai=AMfl-YQC_-CvL2-emwSp7F9kFqTiX6KZEvxEvKWJartWrjD76ivK9Aap2ceUqh89rVbpMZedtRArY6XR8nCaOv4YrDCmkTNKoMJtusvbTg&sig=Cg0ArKJSzG2Y0UYorEAkEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AEC9A58BBDC0B4D1A3A57A62EA6EDBA2
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsRbxxLksg-hxJeThdTL_AOVZ-tHJLOde4lMddOHtAf7oVrgz-SrX8FyVDpHuPYGgPtK9NYIwh1vBVmmMa4FbyFmp3GGSqzWMNXXBjLcj8zNvXlAznnZrXSBSXVdtUcCPbkmmP5I6pR7X6ZVTaLJTmeN05_9-LpbBvnuKMBxupOZlywO8w51uprjdbAix3Cl7PzQTlAAuGj7V_eZdlEWIOxrmoCYU5PNGY7Z4G-CB8Jex_4_cHn6N3b30WBsKsulK867Q61XNaSnAk5pAzmahjuADVpWT6OV7XxGXjinHro_fFWvnalReBoE6kSuXBfB_Diw9lbFY3KUi-mIQKC733WL81lyCF8A&sai=AMfl-YS4GRf8Z12LQcNVQE9ANoJR-ujqbM7Q2YsnGKSZRvzK2FGUL-zFOpt59-9Bxwkv-yhqwyCXbMTrfHLLpa8QoW5tbH1gpnHtJokN4g&sig=Cg0ArKJSzJaBdeviF9FqEAE&uach_m=[UACH]&adurl=
Frame ID: A96BD981542AA0A226C226E1D3B6292A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6tBybKKQ88hAS3IIFaJAvasd2Tp-T5pEerk5Rsj1vrQ8nTtsUp5UJi1kuJU7JJw6RwtmZOSbRtl5QfzKssq4x8Yh9egIS32v1tmQu79A_uAw8OnnddlQT58BdP41kyAz4tbQyGvKScAHVvOqESMrehAOJ32Q49jdsttqDeiJWKMVk78CYWTbWSb1LM76rUqnDop_35Aqy6fAZ6MTdTsYidAOKO3Xm4lAKhqj1SPdyu_wwukPZFvZuFovzMkQcHibn6veN7R9mBHFM5aL2AxjXXUKgQBRRiIYcX1L_CrdESia7glosZc45W1zSNVUAAlDZkUaRxWaSHV5PQT_aO28GjlJaQ5eb0w&sai=AMfl-YSK9DprUQ7howaWwDwD9oCrLjOD3P2AxFDf9R0LenlLUZKwzNEI_BZ7Ly97W81HhonSd67_6WfESJoy1aYlDqI5LduXtkchdF3clQ&sig=Cg0ArKJSzDJXCysO5EC3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AF32EA38FFB5F27CD4EB86C14B8712E0
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSPELmf9w6a1O25DKjAWF_RnhaLvGcA1fqBAP72nDmZOH72XjMRzqA9PQa9vMJ0bz-6RKpXx3ceQ4F4yi_1FoTdravZn8YEKnEPLTX0IfhA43QF6UfbrWfYMSgtVgUDGN7jlK4mOQk-HS5FDnyC-yBZtrvErUz1mRBfTHi1RfV9eAq4OhMoxYtDIvBHhk_ygFNJEzlSpQPq_M--0g6-pDdLA0KDmbKt3y8pmszhaqC0NvaU5lKB1U1KRhGtlue-thqkiLoHxGFvSWZ-XMh1ox1RZzbg_mCl67bubAbfoGGB9ShgobMtokfAs7phMSQOZ4fjiQ1fd7IO2eXIJ1E62JBCLdA2kYKwA&sai=AMfl-YROqoSnmF6VaqLxPyIHFvWPUoeep4-SHI-3ox_SGpP_Ifkc9pDkn9XGpz742N4HwXBES4KXn1jbeRWLy9q2o9-j8hx54PSN0bvWng&sig=Cg0ArKJSzEo86QRDhKsoEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C47C8A2FD3D64B6B0BEB35A02D08BEE2
Requests: 3 HTTP requests in this frame

Frame: https://gml-grp.com/I.ashx?btag=a_162b_1288c_&affid=162&siteid=162&adid=1288&c=
Frame ID: 6457C003EA81A060E99C4FCE5805F8EC
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuK5BysWDy3pQqDS6J_4LrpjO6fAG9274IRBzh68XI80Qbf_ZPitaS28TAIqNDzOPfleFhddFI15NG2i1pOb2h4gR4SN5uV_bS3QYv7-ohOFK_6vk7XchIY2EtGGtZVB2MfiaC7BGV_7tHuPQPutXZJ3QqPGSZjK3NTETPGfCsCfZp-RN0BaaFOLwhH6ysguxr5fkzMaMOloerZ12_qIHe0iZ5LnEr063pfqyUCJi9S3qzYKMBUM5Y5uFg79NL_0wyRY69fqwg_10omt_QLbzpzGSYTPaCTl1i4_URI6FPOw_3iOBK0aBAGDPY3Fu-uiKENnb2KzLQpaKJnhRMk5b1iC94dBXHbZA&sai=AMfl-YRQtrni5c1MOrkrAvXM_16nTjBSSnGfXnvherFeWXCFyD53ENUyogL8CMCM-w4KveU9x8DB3sPWtmI3xQAlFDddInQenXs6fQs9sw&sig=Cg0ArKJSzEC1etYI0yhhEAE&uach_m=[UACH]&adurl=
Frame ID: 6F3D2EE00BBBCE2D355E696EDEC66751
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCxbpmSbJvS3L6SWE2JPSq39FLr62MoMOOHle45em1aIDF_4UsD4fGn198S-QDlOjXHo__ytqN-lerUN_300XAKzeq51-E1tbr64IPYgiR2iJM65QGTsMezTtfmLT_avc8VKlFd_qgzSwQa1UFNcMPe5kLRPiOADD9ZNbzjEYrX0j7BxW_n_kGN9OqUvbJiCAJKkcQx9o0ejDPUpHIE6xfzuJFH91hbQy-LuP1tu45Z4iNYhCFrmZripqtGe-nfUFyHDEF0PLsRWq-SfuuMeZQmv3RGZHt9FV83-5D02YaNKNTE5aH65WQaxK5yc8tGG2vxI-p-GvxFZRdW-jIQVvXs6VFn6qhCLO53sL1aEwC4Rk&sai=AMfl-YTwpF4tLpPV24D-Nb8d6YaGL3mwNJrV-S3RmA1_yi-1l3BMEynan5CYv0497F7aAwJPa1ip54HeDiWxcCpj2mYRWDgZqlro_ngmDg&sig=Cg0ArKJSzAp3qVJ8lWHjEAE&uach_m=[UACH]&adurl=
Frame ID: 5E15879505FFC42D70CA0D92EF315211
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulRm4Rx4VqjRwV2hD7C3n13m5tLem_OtEh3EoejZVTGmT5S9YY6AVas8Di0BiAUx_iAHfvQ-sJ8qEXd1OxTmMH4wyjOfBLGLUOn5y7fJk47oCHFOesuBuZ1IorhzYIDaxXnzNVAFk73tAo2GLDkrEPX0ohfi2HgoZ1iukym4EJYmvYBeRxNI79SV5g-zADIdudq2bNybUC7BYujCMp9CgpQubhBkvtCjUti_FqpBMF-McuuLzKlBdPHWMQA6iA5lf4jnHE6rYYDbKN2Gkh4NaGgut5otwhy1vI6FuUn8StvU8QKr8XMQdL5C4ON60GJsHm3rwl1Z8zStOhHJ5J6UsxhV-dFFei4aJp99vUnKUq3EU&sai=AMfl-YSXiujxbLmXBH6aldG67gtWxSz8nmmUyBWdnrfVsWGBO6XMWdUKmbagmhjaS9A3VrD6Ksb1lq0sZgcN4cGRWLqprrgdAEq2ZKBEFQ&sig=Cg0ArKJSzK_gf1CLbi7-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A73B3B41D1B65EC300E5CF0BD5B7F63F
Requests: 7 HTTP requests in this frame

Frame: https://delivery.ced.cy/www/images/a6780b9224a783e89f128287d9845d3b/index.html?clickTag=https%3A%2F%2Fdelivery.ced.cy%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D4724%26zoneid%3D3775%26sig%3D37540a9b8555e39f6b0359ecda3bfe6800847eeaaf4172979ce8dae74ca2fe7a%26oadest%3Dhttps%253A%252F%252Fwww.hellenicbank.com%252Fel%252Fpersonal%252Fpersonal%252Fconsumer
Frame ID: 98502C27DB571BA66755FC87FCFA03BC
Requests: 4 HTTP requests in this frame

Frame: https://delivery.ced.cy/www/images/11325a97188551ed795002a67d987b12/index.html?clickTag=https%3A%2F%2Fdelivery.ced.cy%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D4726%26zoneid%3D3776%26sig%3D0e8ef3be333ae73bd65aa09fff9e01390ed88997ef4c03a6d6970111f100a587%26oadest%3Dhttps%253A%252F%252Fwww.hellenicbank.com%252Fel%252Fpersonal%252Fpersonal%252Fconsumer
Frame ID: FDC646064148EB0D56E9A584800BF8FF
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C6D9C016A09F116217E41B16334C6838
Requests: 1 HTTP requests in this frame

Frame: https://tothemaonline.onesignal.com/webPushIframe
Frame ID: 9FB9167FC2162F70E904D76AE08AD818
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 23DCE60A59BF34B26C4C2CE0E5735AF1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B1C01C5507ECB63FE2BE572F9E3D7B08
Requests: 2 HTTP requests in this frame

Frame: blob://https://gml-grp.com/cd0a9afb-56d6-4d7d-afe2-c2ed743d251b
Frame ID: 33F13451FDF5E970EF47DCE969EFD8EC
Requests: 1 HTTP requests in this frame

Frame: blob://https://gml-grp.com/be11337a-fd61-44d4-801a-790a39b1aaaa
Frame ID: 19204A1E834CD32D4158AF80F8B10420
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/895658b0-c240-4ea8-9185-03115a4c4e39.svg
Frame ID: CC2A596E960E693D5859A3F2CADFB1CB
Requests: 6 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/e32d7e47-4d13-4481-840d-d1ef4f108803.svg
Frame ID: 5AEC4C4CFD95EB1E4163CA568A054FA3
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CYtoday | Αρχική

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

299
Requests

90 %
HTTPS

75 %
IPv6

31
Domains

46
Subdomains

36
IPs

4
Countries

6354 kB
Transfer

13906 kB
Size

10
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cymedia.eu/
Title: CYmedia Group

Search URL Search Domain Scan URL

URL: https://www.cytoday.eu/
Title: CYtoday

Search URL Search Domain Scan URL

URL: https://www.sportsbreak.com.cy/
Title: SportsBreak

Search URL Search Domain Scan URL

URL: https://www.novosti.com.cy/
Title: Novosti

Search URL Search Domain Scan URL

URL: https://www.com2go.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Ffacebook.com%2FCYtoday&width=300&colorscheme=light&show_faces=true&%20connections=15&stream=false&header=false&height=300 HTTP 307
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Ffacebook.com%2FCYtoday&width=300&colorscheme=light&show_faces=true&%20connections=15&stream=false&header=false&height=300

Request Chain 125

http://com2go.com/newcreatives/demo2/assets/advScripts/css/c2g_fullscreen_scroll.css HTTP 301
https://www.com2go.com/newcreatives/demo2/assets/advScripts/css/c2g_fullscreen_scroll.css

299 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
cytoday.eu/ 51 KB
52 KB 190ms
66ms Document
text/html 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: aafcf79544e2430a0b437420f288f5240fb0c022a69ca89826013dce0c7783f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 May 2023 07:08:14 GMT
P3P: CP="NOI NID ADMa OUR IND UNI COM NAV"
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK font-awesome.min.css
cytoday.eu/assets/templates/site/font-awesome/css/ 30 KB
31 KB 21ms
11ms Stylesheet
text/css 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cytoday.eu/assets/templates/site/font-awesome/css/font-awesome.min.css
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Wed, 24 May 2017 09:59:36 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 31000

GET
H/1.1 200
OK catfish.css
cytoday.eu/assets/templates/site/ 702 B
938 B 22ms
11ms Stylesheet
text/css 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cytoday.eu/assets/templates/site/catfish.css
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 0b1b035a93ee59c16ce727289417fd13474d8f2ebdcf93ffc6b7577df145866a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Tue, 05 Sep 2017 10:59:12 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 702

GET
H/1.1 200
OK jquery2.1.1.min.js Show response
cytoday.eu/assets/templates/site/includes/ 82 KB
83 KB 24ms
12ms Script
application/javascript 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cytoday.eu/assets/templates/site/includes/jquery2.1.1.min.js
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 797e79e220fdb3c48f6df26b879543102479491611940c8acc81a905da5c6858

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Wed, 19 Nov 2014 12:33:43 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 84244

GET
H/1.1 200
OK jquery.nicescroll.min.js Show response
cytoday.eu/assets/templates/site/includes/ 63 KB
63 KB 27ms
15ms Script
application/javascript 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cytoday.eu/assets/templates/site/includes/jquery.nicescroll.min.js
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Mon, 29 May 2017 12:16:28 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 64651

GET
H/1.1 200
OK jquery.bxslider.min.js Show response
cytoday.eu/assets/templates/site/bxslider/ 19 KB
19 KB 39ms
11ms Script
application/javascript 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cytoday.eu/assets/templates/site/bxslider/jquery.bxslider.min.js
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Wed, 19 Nov 2014 12:33:35 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 19359

GET
H/1.1 200
OK universal_floating_banner.js Show response
cytoday.eu/assets/templates/site/ 3 KB
4 KB 44ms
10ms Script
application/javascript 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cytoday.eu/assets/templates/site/universal_floating_banner.js
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: bdef5b9f6e1ace7d12a12904c3b4817701ae5368826e3288dc1c7e8235f8415b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Thu, 29 Jun 2017 13:27:00 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 3384

GET
H/1.1 200
OK jquery.bxslider.css
cytoday.eu/assets/templates/site/bxslider/ 4 KB
4 KB 22ms
12ms Stylesheet
text/css 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cytoday.eu/assets/templates/site/bxslider/jquery.bxslider.css
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 3d425ea6a98a1d7007e58d585ba1e99574ab7b6541a0fc8d8de250ebc927f10a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Wed, 19 Nov 2014 12:33:35 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 3840

GET
H2 200 cookie-consent.js Show response
www.termsfeed.com/public/cookie-consent/4.0.0/ 202 KB
56 KB 72ms
23ms Script
application/javascript 2606:4700:20::ac43:4b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.termsfeed.com/public/cookie-consent/4.0.0/cookie-consent.js

Requested by

Host: cytoday.eu
URL: http://cytoday.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc1289eed4c57aaba8ca2129a9ae0efc22de7a2bd2e4cbf14a15a7508ae998e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-priority: 5/n
date: Fri, 19 May 2023 07:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17919
cf-polished: origSize=206884
x-z: 5179
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Fri, 19 May 2023 01:06:33 GMT
server: cloudflare
etag: W/"033aff72c642923814baff5a2166e492"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0QUxtzhDU4Z67u%2FlV%2F2BOirxK24g56ieacRgu1r1%2FR2bt5BmqNxvgchgBUC%2FSP0TjS7SYcVGOzxkPxNrm%2FEEKBEov6foYMQkvHH0kLzWzA2EYqsbsBdNbgRxxTh3sXdwjFbZvU0sEr5mkxiTdUZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, immutable, max-age=3600
cf-ray: 7c9a81f0aee69ba7-FRA
expires: Fri, 19 May 2023 03:06:33 GMT

GET
H/1.1 200
OK logo.png
cytoday.eu/assets/templates/site/images/ 8 KB
8 KB 22ms
11ms Image
image/png 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cytoday.eu/assets/templates/site/images/logo.png
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e5128d7f027aae53b2ddcadf5ddcabdbbd5b95f1bb06c11a7700b8104e3cebe3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Wed, 19 Nov 2014 12:33:41 GMT
Server: Apache
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 7921

GET
H/1.1 200
OK 74362212.jpg
cytoday.eu/assets/templates/cytoday/nl_images_big/ 18 KB
19 KB 23ms
12ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cytoday.eu/assets/templates/cytoday/nl_images_big/74362212.jpg
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 581814005c548c7da0c34469b70ab0b51a228f3cbbea0474bab60a99d5f9050f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Fri, 19 May 2023 05:50:10 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 18789

GET
H/1.1 200
OK 97588905.jpg
cytoday.eu/assets/templates/cytoday/nl_images_big/ 27 KB
27 KB 24ms
11ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cytoday.eu/assets/templates/cytoday/nl_images_big/97588905.jpg
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 9c19215cd92dc80f13462cbec173ea80310b20a46a4e690159afcae9608221d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Fri, 19 May 2023 05:49:11 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 27866

GET
H/1.1 200
OK 73515886.jpg
cytoday.eu/assets/templates/cytoday/nl_images_big/ 31 KB
32 KB 21ms
10ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cytoday.eu/assets/templates/cytoday/nl_images_big/73515886.jpg
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 65bf05ef601e896db4c968daa976218300b6ab6858501420d6a7d0463a74f01d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Fri, 19 May 2023 05:47:42 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 32208

GET
H/1.1 200
OK 15179544.jpg
cytoday.eu/assets/templates/cytoday/nl_images_big/ 14 KB
15 KB 21ms
11ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cytoday.eu/assets/templates/cytoday/nl_images_big/15179544.jpg
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: dd5e71dff90ee8a7e55d23639113a0b68bfb7861887a6c7db1070ed77061c827

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Fri, 19 May 2023 05:45:44 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 14619

GET
H/1.1 200
OK 78896621.jpg
cytoday.eu/assets/templates/cytoday/nl_images_big/ 30 KB
30 KB 21ms
11ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cytoday.eu/assets/templates/cytoday/nl_images_big/78896621.jpg
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 7eb5be4562167caca46fe48c4b1e80f188dec9c2860df52b079f9ede933acb90

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Fri, 19 May 2023 05:44:46 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 30343

GET
H/1.1 200
OK 50229221.jpg
cytoday.eu/assets/templates/cytoday/nl_images_big/ 26 KB
26 KB 22ms
11ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cytoday.eu/assets/templates/cytoday/nl_images_big/50229221.jpg
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: db2efa2cc11fc9e7488d27fd57b2dc5cbba6b7d7d6007fe8603626260ae010d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Fri, 19 May 2023 05:43:32 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 26340

GET
H2 200 aeroskafos1.jpg
omegalive.com.cy/wp-content/uploads/2023/05/ 22 KB
23 KB 127ms
15ms Image
image/jpeg 2606:4700:3037::ac43:d57a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omegalive.com.cy/wp-content/uploads/2023/05/aeroskafos1.jpg
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d57a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03ed77ef1a42cb211427ca64afa6809773256ac4180e73313e2a86c01bc92d15

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2696
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22884
last-modified: Fri, 19 May 2023 06:22:14 GMT
server: cloudflare
etag: "64671596-5964"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Btj0ExPBGzMkTSCQKxuaAMmyYUfFENFO1MMebtngVhkww09YDOryORGpSX4GrDdiLDBCc7CwvC6x5DTV8O93Yavdx1KCSx85XADsvN5dnOQzsR%2FqVLuEn6TWDBzAB8xgsAKqzpLx%2B%2FSfgyRMNget"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c9a81f1986968fd-FRA
expires: Sun, 18 Jun 2023 06:23:18 GMT

GET
H/1.1 200
OK 70940011.jpg
cytoday.eu/assets/templates/cytoday/nl_images_big/ 26 KB
26 KB 21ms
10ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cytoday.eu/assets/templates/cytoday/nl_images_big/70940011.jpg
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 6e5236f939ad01a5348627f0581aca4dc357dc3c858ddc91df1c668563f15104

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Fri, 19 May 2023 06:14:31 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 26278

GET
H/1.1 200
OK 32398933.jpg
cytoday.eu/assets/templates/cytoday/nl_images_big/ 24 KB
24 KB 21ms
10ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cytoday.eu/assets/templates/cytoday/nl_images_big/32398933.jpg
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: cbe8f53e3cd032697a99a246b87d96f2b323d3fe1d88f492902497d8aebd3459

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Fri, 19 May 2023 06:40:46 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 24212

GET
H2 200 zelenski-1.jpg
omegalive.com.cy/wp-content/uploads/2023/05/ 23 KB
24 KB 128ms
16ms Image
image/jpeg 2606:4700:3037::ac43:d57a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omegalive.com.cy/wp-content/uploads/2023/05/zelenski-1.jpg
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d57a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e358a0b740b3e22287b8ac3e7e92f9b508b4e4ff283d04c799009b6d79838c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2069
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23742
last-modified: Fri, 19 May 2023 06:31:29 GMT
server: cloudflare
etag: "646717c1-5cbe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTXPwnfBoKxWg71ut31g50pJRItOeyBebLMTVzW%2FSTFvQKirPBy64fuoRMQQW2ix8liVfjzSweURsnqtGumcjYEfvactQzpdcueYk5B4nLzlMXNDjUzzb9sf59YbX2oPc8c5NFEkK5jo72WgoOdQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c9a81f1986b68fd-FRA
expires: Sun, 18 Jun 2023 06:33:45 GMT

GET
H2 200 pike.webp
omegalive.com.cy/wp-content/uploads/2023/05/ 72 KB
72 KB 135ms
24ms Image
image/webp 2606:4700:3037::ac43:d57a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omegalive.com.cy/wp-content/uploads/2023/05/pike.webp
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d57a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 571798c300d18ec26605a74b02467ab00c4f18e1fe265bdd1a806a292cc9d0f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3041
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73732
last-modified: Fri, 19 May 2023 06:14:08 GMT
server: cloudflare
etag: "646713b0-12004"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dNeYIeDSseBkP0zAFZKDpO%2BjefXr3GdOZBApV7UY3lO54YQCcQkkBEgbow69bQ5yqtI94ym7DpYy5BRbS%2BM1RCGWEQWdXr7gl1OXyAvnQvRP4T4iCMHQOO9ztA0IDXGMNxOvdpAaafxXiytsnZO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c9a81f1986c68fd-FRA
expires: Sun, 18 Jun 2023 06:17:33 GMT

GET
H/1.1 200
OK 31164537.jpg
cytoday.eu/assets/templates/cytoday/nl_images_big/ 30 KB
30 KB 34ms
23ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cytoday.eu/assets/templates/cytoday/nl_images_big/31164537.jpg
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 6dc0816ad4b4762837cc86109d4a07ca75044cfa62457a517f3a8da1440ad3e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Thu, 18 May 2023 18:34:02 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 30365

GET
H/1.1 200
OK jquery.jscrollpane.min.js Show response
cytoday.eu/assets/templates/site/jscrollpane/ 15 KB
15 KB 21ms
10ms Script
application/javascript 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cytoday.eu/assets/templates/site/jscrollpane/jquery.jscrollpane.min.js
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: b95a2b8f9bcbce932bfb42a565e006214b24a072d8d9cf9089262aa03501d622

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Wed, 19 Nov 2014 12:33:44 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 15403

GET
H/1.1 200
OK jquery.mousewheel.min.js Show response
cytoday.eu/assets/templates/site/jscrollpane/ 3 KB
3 KB 22ms
11ms Script
application/javascript 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cytoday.eu/assets/templates/site/jscrollpane/jquery.mousewheel.min.js
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Wed, 19 Nov 2014 12:33:44 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 2777

GET
H/1.1 200
OK jquery.jscrollpane.css
cytoday.eu/assets/templates/site/jscrollpane/ 1 KB
2 KB 21ms
11ms Stylesheet
text/css 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cytoday.eu/assets/templates/site/jscrollpane/jquery.jscrollpane.css
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: bc1faf3fa2ad951c56020d7ac04c16f9bd508e8107e2edac95c263c84b12d382

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Wed, 19 Nov 2014 12:33:44 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 1426

GET
H/1.1 200
OK jcc.jpg
cytoday.eu/assets/templates/site/images/ 2 KB
3 KB 25ms
14ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cytoday.eu/assets/templates/site/images/jcc.jpg
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 77f3ceafaf969d65a159035882066879d8970e2da1add9c546dcdcc74bd8349c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Wed, 19 Nov 2014 12:33:40 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 2558

GET
H/1.1 200
OK cc.png
cytoday.eu/assets/templates/site/images/ 5 KB
5 KB 25ms
14ms Image
image/png 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cytoday.eu/assets/templates/site/images/cc.png
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 047ca6bd7f9127b112867b9c1131c9c7e1e8fdd89373515b3612896b5aaaf98e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Wed, 19 Nov 2014 12:33:41 GMT
Server: Apache
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 5290

GET
H/1.1 200
OK developed.png
cytoday.eu/assets/templates/site/images/ 7 KB
7 KB 25ms
14ms Image
image/png 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cytoday.eu/assets/templates/site/images/developed.png
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 3be64a84adbf206a6f81d9da0049f4dba9f829852d1945dbe8fffd659fac89ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Wed, 19 Nov 2014 12:33:42 GMT
Server: Apache
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 7404

GET
H/1.1 200
OK styles.css
cytoday.eu/assets/templates/site/ 10 KB
11 KB 21ms
10ms Stylesheet
text/css 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cytoday.eu/assets/templates/site/styles.css?v1.3
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 2171ec5fb0ffa4c9aa59114703b10f6a17ed6dd0d2672b01ca75b4c5346115ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Tue, 05 Sep 2017 09:45:35 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 10552

GET
H/1.1 200
OK afr.php Show response
cytoday.com.cy/ads/www/delivery/ Frame 44B6 2 KB
2 KB 496ms
280ms Document
text/html 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=75&zoneid=5&cb=INSERT_RANDOM_NUMBER_HERE
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: edb7f93ebc40bc62aaa4320546c77849777b863337f1ea0edb2ff5c0c05778fc

Request headers

Referer: http://cytoday.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: * *
Cache-Control: private, max-age=0, no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 May 2023 07:08:14 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK afr.php Show response
cytoday.com.cy/ads/www/delivery/ Frame 895E 2 KB
2 KB 392ms
178ms Document
text/html 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=65&zoneid=18&cb=INSERT_RANDOM_NUMBER_HERE
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 17056e52b03a9e5d7818f38bd76f79c7f55a128b05c5390992d63609f7e0cf0c

Request headers

Referer: http://cytoday.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: * *
Cache-Control: private, max-age=0, no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 May 2023 07:08:14 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 / Show response
www.tothemaonline.com/ Frame 662B 141 KB
27 KB 381ms
345ms Document
text/html 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tothemaonline.com/
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 18d513b1e635736256316dc905968b0c7607e4f7037d7156c268eea7d16616fd

Request headers

Referer: http://cytoday.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: duration=40
cf-cache-status: DYNAMIC
cf-railgun: direct (starting new WAN connection)
cf-ray: 7c9a81f12b781e4e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 19 May 2023 07:08:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8P472FwBw3wBeqex8sJD84%2BVIHurc9u1ltMnddTWsinVIQuiLyl112kb4X09uqZCTGvkFGLBc%2BkZoWZiRjBXZZd1ZOUHQyFXUVkqhH%2BX42Gwv9U0PDO7F97CrlzS0Em3ITjCHmHEd%2F6vhN33R3a0Zg%2BzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 403 / Show response
akousa.com/ Frame 5DE7 318 B
404 B 151ms
34ms Document
text/html 95.216.18.154
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://akousa.com/
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.18.154 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hel.com2go.org
Software: Apache /
Resource Hash: b0c7e6712ecbf97a1e3a14f19e3aed5dbd6553f21a2852565bfc5518925713db

Request headers

Referer: http://cytoday.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 318
content-type: text/html; charset=iso-8859-1
date: Fri, 19 May 2023 07:08:14 GMT
server: Apache

GET
H/1.1 200
OK afr.php Show response
cytoday.com.cy/ads/www/delivery/ Frame 698B 1 KB
2 KB 378ms
169ms Document
text/html 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=90&zoneid=6&target=_blank&cb=INSERT_RANDOM_NUMBER_HERE
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 2a0460155602bc34a29b28217507cdd4e1a941304d1a8fe3dc10a9aedde85d09

Request headers

Referer: http://cytoday.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: * *
Cache-Control: private, max-age=0, no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 May 2023 07:08:14 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK afr.php Show response
cytoday.com.cy/ads/www/delivery/ Frame 6E43 2 KB
2 KB 387ms
179ms Document
text/html 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=120&zoneid=59&cb=INSERT_RANDOM_NUMBER_HERE
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: df96fb5986765d4897bcbce7ce2e242d45b7d10b688cccf3901b9a8ce56b6057

Request headers

Referer: http://cytoday.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: * *
Cache-Control: private, max-age=0, no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 May 2023 07:08:14 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK afr.php Show response
cytoday.com.cy/ads/www/delivery/ Frame BE50 2 KB
2 KB 683ms
485ms Document
text/html 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=90&zoneid=8&cb=INSERT_RANDOM_NUMBER_HERE
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 7938dce6735ac40e6b08b17d19cd4ad7938034e5dedae0713ab71d0e642688a4

Request headers

Referer: http://cytoday.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: * *
Cache-Control: private, max-age=0, no-cache
Connection: close
Content-Length: 1936
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 May 2023 07:08:14 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK afr.php Show response
cytoday.com.cy/ads/www/delivery/ Frame 5A9C 718 B
1 KB 363ms
166ms Document
text/html 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cytoday.com.cy/ads/www/delivery/afr.php?zoneid=9&source=90&cb=INSERT_RANDOM_NUMBER_HERE
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 4933c3beeb47d41c577272e53ff1fe8039b259ce6bd257bc785285ac68c68e9b

Request headers

Referer: http://cytoday.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: * *
Cache-Control: private, max-age=0, no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 May 2023 07:08:14 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK afr.php Show response
cytoday.com.cy/ads/www/delivery/ Frame 5704 1 KB
2 KB 475ms
83ms Document
text/html 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=120&zoneid=57&cb=INSERT_RANDOM_NUMBER_HERE
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: b16a18a3568a4f13d906f95c5709c442a84ca5a82bdc5241016a7c1bcfae2a71

Request headers

Referer: http://cytoday.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: * *
Cache-Control: private, max-age=0, no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 May 2023 07:08:14 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK afr.php Show response
cytoday.com.cy/ads/www/delivery/ Frame BDA1 2 KB
2 KB 679ms
289ms Document
text/html 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=70&zoneid=4&cb=INSERT_RANDOM_NUMBER_HERE
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 338986cec037a913f593ce26bebe495bd51fdd9aefb0919bf652ce13b42b10cd

Request headers

Referer: http://cytoday.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: * *
Cache-Control: private, max-age=0, no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 May 2023 07:08:14 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK afr.php Show response
cytoday.com.cy/ads/www/delivery/ Frame 0146 2 KB
2 KB 467ms
64ms Document
text/html 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=95&zoneid=7&cb=INSERT_RANDOM_NUMBER_HERE
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 7a86ba2abbe5e3e332010f9747446be224099c45c0c273e27052a125adfd0f1c

Request headers

Referer: http://cytoday.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: * *
Cache-Control: private, max-age=0, no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 May 2023 07:08:14 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK latest_newsletter.png
cytoday.eu/assets/templates/site/images/ 4 KB
4 KB 26ms
10ms Image
image/png 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cytoday.eu/assets/templates/site/images/latest_newsletter.png
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/assets/templates/site/styles.css?v1.3
Protocol: HTTP/1.1
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 04a73e017d87f24e46cc51a788e00477adef6549faa29286e16f77487a9d9199

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/assets/templates/site/styles.css?v1.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:14 GMT
Last-Modified: Thu, 27 Nov 2014 09:52:26 GMT
Server: Apache
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 4083

GET
H/1.1 200
OK afr.php Show response
cytoday.com.cy/ads/www/delivery/ Frame B46E 2 KB
2 KB 638ms
269ms Document
text/html 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=100&zoneid=22&cb=INSERT_RANDOM_NUMBER_HERE
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: b2623771bd2c172cd2017035e8aee1760b821a6026c5933fec575a93bf96d6ff

Request headers

Referer: http://cytoday.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: * *
Cache-Control: private, max-age=0, no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 May 2023 07:08:14 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H2

200

likebox.php Show response
www.facebook.com/plugins/ Frame 0ECF
Redirect Chain

http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Ffacebook.com%2FCYtoday&width=300&colorscheme=light&show_faces=true&%20connections=15&stream=false&header=false&height=300
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Ffacebook.com%2FCYtoday&width=300&colorscheme=light&show_faces=true&%20connections=15&stream=false&header=false&height=300

38 KB
15 KB

125ms
87ms

Document
text/html

2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Ffacebook.com%2FCYtoday&width=300&colorscheme=light&show_faces=true&%20connections=15&stream=false&header=false&height=300

Requested by

Host: cytoday.eu
URL: http://cytoday.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

512ca79eead5a0d3f9a10de763339ae03bd8448862b012819157976762ab0a8b

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://cytoday.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:08:15 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: cx1+EgO+HngtkaPgh/wuBBe8MLSi4HHZrfbqVsYJdiqxR4JTkdSTDTeAxXsLv6491e/qxen294abS5vQbDwJFA==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Ffacebook.com%2FCYtoday&width=300&colorscheme=light&show_faces=true&%20connections=15&stream=false&header=false&height=300
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK afr.php Show response
cytoday.com.cy/ads/www/delivery/ Frame 3CA1 1 KB
2 KB 713ms
47ms Document
text/html 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=120&zoneid=12&cb=INSERT_RANDOM_NUMBER_HERE
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: b8c5d557edd56d18888fca4e0ae90b9a194e8adb227e91d641312657467655a6

Request headers

Referer: http://cytoday.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: * *
Cache-Control: private, max-age=0, no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 May 2023 07:08:15 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET afr.php
cytoday.com.cy/ads/www/delivery/ Frame BA03 0
0

GET
H2 200 xtb.min.js Show response
cdn.exitbee.com/ 58 KB
21 KB 58ms
20ms Script
application/javascript 2606:4700:3034::6815:4466
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exitbee.com/xtb.min.js
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4466 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd3526ddba0514315d1dfabd7413c70fa2295b04c7c2b7764c7117803af3ea58

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2168
x-guploader-uploadid: ADPycduVQYJcDlwifS6dX2wwUChxKXCsSY9K6OI1m5Njx46_fk0Bn5t0dJ14r34YTyiRMcloA5u_9a-7-XW_bmwPbrEYpw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 19 Oct 2022 12:26:43 GMT
server: cloudflare
etag: W/"903b1d44ea177befd6f3c248cf8208fd"
vary: Accept-Encoding
x-goog-hash: crc32c=iVmvWg==, md5=kDsdROoXe+/W88JIz4II/Q==
x-goog-generation: 1666182403691268
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmQLWkfKYwyQUiSlt%2FYiIfqt8ayMLedEk5w5pM04o3GE5UB%2BFqSD6ikHq5g1HFfR%2BjV25ScdiYVzuq0tzTJh7EDA7g6decPP6X3UnWtngjtfGfZD0ss6ZU%2Fa3mVA5ISMl5p4uPlMyLkqVK6ROEM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 59559
cf-ray: 7c9a81f199b35bdd-FRA
expires: Fri, 19 May 2023 06:45:28 GMT

HEAD adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0

POST
H2 200 settings Show response
s.exitbee.com/7352/ 0
467 B 227ms
226ms XHR
text/plain 35.240.50.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.exitbee.com/7352/settings

Requested by

Host: cdn.exitbee.com
URL: https://cdn.exitbee.com/xtb.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.240.50.85 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.50.240.35.bc.googleusercontent.com

Software

nginx/1.17.7 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: http://cytoday.eu/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

xtb-zip-code: 60386
date: Fri, 19 May 2023 07:08:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: nginx/1.17.7
xtb-visit-duration: 120
xtb-city: Frankfurt am Main
access-control-allow-origin: http://cytoday.eu
access-control-expose-headers: Xtb-Vid, Xtb-Visit-Id, Xtb-Visit-Duration, Xtb-Country, Xtb-City, Xtb-Zip-Code, Xtb-Pageviewid, Xtb-eb-response
xtb-pageviewid: 52ab6a1e-f98a-4294-8dc8-41c3b599d8b1
access-control-allow-credentials: false
xtb-country: Germany
xtb-visit-id: dab85848-2d91-4106-af85-5ce4887bb930
xtb-eb-response: 21
xtb-vid: 8f10b5e9-a1b5-4054-9e89-392a385810ea
content-length: 0

OPTIONS
H2 200 settings
s.exitbee.com/7352/ Frame 0
0 196ms
19ms Preflight 35.240.50.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.exitbee.com/7352/settings

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.240.50.85 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.50.240.35.bc.googleusercontent.com

Software

nginx/1.17.7 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://cytoday.eu
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://cytoday.eu
content-length: 0
date: Fri, 19 May 2023 07:08:15 GMT
server: nginx/1.17.7
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 PkIO0W5ZNDQ.css
static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ Frame 0ECF 21 KB
6 KB 173ms
23ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/PkIO0W5ZNDQ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Ffacebook.com%2FCYtoday&width=300&colorscheme=light&show_faces=true&%20connections=15&stream=false&header=false&height=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fef30923b42e21418b131694248e7dd55376159cac33cb19abbf4dc70140008f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nVvYlX+ASeAfnvOQ7UwVqA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5547
x-fb-rlafr: 0
x-fb-debug: rPwVHgPMaoY7T2OFjHc/y7RUpEM9nnHQzohiKvVNzlKBuyhK92VcZ5JIpmP8bJ7XJlrmsLx8AYQNoslWNARMiQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 17 May 2024 16:47:19 GMT

GET
H2 200 gLi9nFwCjmA.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yE/r/ Frame 0ECF 305 KB
80 KB 158ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/gLi9nFwCjmA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b06b921fc565f191fd269c0df815ff21ef62dc70e451a609b482afd6a9e92399

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rKZCyDeEbcPrkKUfLlVE3A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 81618
x-fb-rlafr: 0
x-fb-debug: YpJzXYS954VYJsn6jdO1fVtKxJTh4o60wAMV88LYsKPdN9hBoupWD2OY1IdoTuDuT/tJ9xBk8EBENbilVjxbZg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 18 May 2024 03:45:10 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 0ECF 5 KB
2 KB 174ms
25ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: koakLGY1v5R2GWTxsSnA3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1615
x-fb-rlafr: 0
x-fb-debug: 213zKrVLoe1yse46jshYp3AbFENaIG6BNu4HJe1Z9L0Fx+6ZlbuYVFjd/zvaw1LI+ceEuErWnrPuZnOp9QzX4g==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), gyroscope=(), hid=(), magnetometer=()
timing-allow-origin: *
expires: Wed, 15 May 2024 17:59:43 GMT

GET
H2 200 z1rgw_ywh9V.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 0ECF 97 KB
29 KB 173ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/z1rgw_ywh9V.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c53696e7ecdb66622eed2fa572c6195904de06485261b19e53a10573bddb1293

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Gn/O6qmVlTX9VR7Y2HMuIQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29637
x-fb-rlafr: 0
x-fb-debug: aebswMwBU6gOsJl+KE1aRhqJcFMoNklPKKXZe+Z9w2ivD+jLy6XWTyA4Wy1Yme91mCNTog9RFhyWY9bEJKjR2A==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Mon, 13 May 2024 16:41:27 GMT

GET
H2 200 PCjTVjBuPVs.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yu/l/de_DE/ Frame 0ECF 103 KB
30 KB 174ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yu/l/de_DE/PCjTVjBuPVs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e7c9361b9ec9652844da5e286b6778f0fba514a3228d3597384744b651182bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aCo/xl//fhYgBIKdW0XrEQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30682
x-fb-rlafr: 0
x-fb-debug: RwSgqTBgHw7sOw4mOZWc26QqBFHR5Alg56r+1fJfA5abN8tLKACG2TjKDNKNlkxFy32fxO4W3mVVFQyE+hXKvQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=()
timing-allow-origin: *
expires: Mon, 13 May 2024 17:06:19 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 0ECF 507 B
502 B 173ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: lgXvam8xCccpksCGlBe0rCEcH1lE82Gp+0BBEbq5BYUEylQ4vA6bQO5hf5oYXOfWNA27qn+84x1i4sCr+RRkUw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Thu, 09 May 2024 23:10:34 GMT

GET
H2 200 299530048_567429354813791_5156080588215954056_n.jpg
scontent-fra5-1.xx.fbcdn.net/v/t39.30808-6/ Frame 0ECF 9 KB
9 KB 33ms
9ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra5-1.xx.fbcdn.net/v/t39.30808-6/299530048_567429354813791_5156080588215954056_n.jpg?stp=dst-jpg_p173x172&_nc_cat=108&ccb=1-7&_nc_sid=dd9801&_nc_ohc=C2HIN_vAc_YAX8dwDrT&_nc_ht=scontent-fra5-1.xx&edm=AEDRbFQEAAAA&oh=00_AfBM0rxSG7_f7qDNzEfejTHDMuW5qFq-UJ8lXw5kfNHn9A&oe=646C8D97
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Ffacebook.com%2FCYtoday&width=300&colorscheme=light&show_faces=true&%20connections=15&stream=false&header=false&height=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 9a67d907485c19a45a5b28b3bebffc727b65f77717cec85972798c46cd445a0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-haystack-needlechecksum: 4177381092
date: Fri, 19 May 2023 07:08:15 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 15 Aug 2022 18:26:43 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3183127139
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3138200315
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 9232

GET
H2 200 298341067_567429351480458_5673387917990615093_n.jpg
scontent-fra5-1.xx.fbcdn.net/v/t39.30808-1/ Frame 0ECF 1 KB
1 KB 34ms
11ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra5-1.xx.fbcdn.net/v/t39.30808-1/298341067_567429351480458_5673387917990615093_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=p812jE9mYDcAX9qTXxI&_nc_ht=scontent-fra5-1.xx&edm=AEDRbFQEAAAA&oh=00_AfAQAkrmaeDvkhhgv-UndeTW2yHD98zUjI_TAip2-gVPUw&oe=646C2684
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Ffacebook.com%2FCYtoday&width=300&colorscheme=light&show_faces=true&%20connections=15&stream=false&header=false&height=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 822525d3bdd8caf154168e4410e6fdadab41effa135ba6fb50c523ed6eaac66c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-haystack-needlechecksum: 2216141789
date: Fri, 19 May 2023 07:08:15 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 15 Aug 2022 18:26:43 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2810663423
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1757477122
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1180

GET
H/1.1 200
OK lg.php
www.cytoday.com.cy/ads/www/delivery/ Frame 5A9C 43 B
516 B 1169ms
40ms Image
image/gif 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=9&source=90&loc=http%3A%2F%2Fcytoday.eu%2F&cb=51f4f07dbc
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?zoneid=9&source=90&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:08:15 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK lg.php
www.cytoday.com.cy/ads/www/delivery/ Frame 698B 43 B
516 B 1167ms
41ms Image
image/gif 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=6&loc=http%3A%2F%2Fcytoday.eu%2F&cb=54526c4ef8
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=90&zoneid=6&target=_blank&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:08:15 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bootstrap.min.css
www.tothemaonline.com/dependencies/bootstrap/css/ Frame 662B 152 KB
24 KB 25ms
22ms Stylesheet
text/css 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tothemaonline.com/dependencies/bootstrap/css/bootstrap.min.css
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e056455ca573477f3487219fde269d38f41b258ad87e53fa80dc3c05bed4ac2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Sep 2022 12:33:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2323
etag: W/"0ea3cba23c1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRmvII7LuqWr%2BEHzErVY9yi%2BydeL9sWV3q2faPmx1W2o8tPWxWVEKIPIlcj3qJy%2Bra2JZVho2DMso4V7FJdeAn6oF4dUL0sqAESn6CVPmuvxdHj5Wj2nI1L%2F3TFxezJpGwW%2BGLu%2B6GcOET%2BDQKgLl1idOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=7200
cf-ray: 7c9a81f36eab1e4e-FRA

GET
H2 200 all.min.css
www.tothemaonline.com/dependencies/fontawesome/css/ Frame 662B 70 KB
13 KB 23ms
20ms Stylesheet
text/css 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tothemaonline.com/dependencies/fontawesome/css/all.min.css
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 34cae1eff2b8486f4d8bd8a00e488a8b0ae6d7b2a8130b77418581acd1a91514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Sep 2022 12:33:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1241
etag: W/"0ea3cba23c1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXisRQ3%2BRJgu%2BxyQxl7MLZ5zL4mOFLCcSXk%2FMO5uUT7rKLkDcBIoiBiUWG2NXh3k%2FqmAMVH6i9QS0%2BtDw00nSBkLyjVnLnhfC8kjVx9WUKaa0Mk820KRkCWcHxeA9r8HYBlM%2FiyufpB8Yo3ubecPl6w6UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=7200
cf-ray: 7c9a81f36eaf1e4e-FRA

GET
H2 200 animate.min.css
www.tothemaonline.com/dependencies/animate/ Frame 662B 57 KB
5 KB 22ms
19ms Stylesheet
text/css 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tothemaonline.com/dependencies/animate/animate.min.css
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 39664f033eb3df8bc1823919606218c05c54ea8fa8ca389d5ff03bb814605134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Sep 2022 12:33:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6291
etag: W/"6180abba23c1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhkMeoigqSbIPDJKU3AQ4qCEu650QI19jFK1Gg0TTYvsQERXIgd6Eha6gRWoSZQNlBWmKBQBHDSzv%2BYVSBl2k7ravMbHvQkhq7VW86T2VL95uW8oN4RBZLRap4sodIJdpHnNT8sk1nLj%2Bt6m6WDxpAnx5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=7200
cf-ray: 7c9a81f36eb61e4e-FRA

GET
H2 200 swiper.min.css
www.tothemaonline.com/dependencies/swiper/css/ Frame 662B 16 KB
4 KB 30ms
28ms Stylesheet
text/css 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tothemaonline.com/dependencies/swiper/css/swiper.min.css
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 22856c7842a74a22e23539f9d130010a9db015c3c135487f7202ec2454bcfa73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Sep 2022 12:33:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6291
etag: W/"5d6ae5ba23c1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAu0nSeArylM63zswoL2GQ%2FwP7bgdMxz8Zlqzf3WpvDflIokl2%2BXrTrqzpBGkgCXfCMegTni0sc1OcFK0RtNeDDpvK4g3g43T8fhzLnIQroKC%2FQnUm4PXpzY55mEbW4MOmH8xjUN0HjMXXWjUDPJzlgoJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=7200
cf-ray: 7c9a81f36eb71e4e-FRA

GET
H2 200 magnific-popup.css
www.tothemaonline.com/dependencies/magnific-popup/css/ Frame 662B 5 KB
2 KB 24ms
21ms Stylesheet
text/css 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tothemaonline.com/dependencies/magnific-popup/css/magnific-popup.css
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 65ab95b0a57d4fa12ccb83a19088bfc1a593c982dc9fe6f1e7ecc1eb8ab313d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5708
cf-polished: origSize=6951
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Mon, 05 Sep 2022 12:33:41 GMT
server: cloudflare
etag: W/"6635daba23c1d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHqsaDL0uREB%2BviUbUBTXPpyrR3FI0gXW0trwYrNYMsPY4p0FI6xOOM0YR5ts1jgrt579Gze0X2jfBMBxbqJ%2F9t2diLDLBlSMdAx9IoNjeYo18rCKYMfgrTk74jJhdlSojyGlV%2FV0DGCP%2FrQ8h2lnZU9Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=7200
cf-ray: 7c9a81f36eb91e4e-FRA

GET
H2 200 style.css
www.tothemaonline.com/assets/css/ Frame 662B 214 KB
32 KB 27ms
24ms Stylesheet
text/css 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tothemaonline.com/assets/css/style.css?v=62
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c3451ad2d56c5fa6b366c9711bf894d766e9f5614cc54dde5b6177b0ff55c9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6291
cf-polished: origSize=309233
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 08:31:25 GMT
server: cloudflare
etag: W/"8315e9a7e278d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtXu3JOy2DLiZfLw54KzjAVBIc77za%2BXHdxTbna%2BDFf0rsq646bpMtMFDuiXKR9eCd%2FY1jLAuKbUHWZayuy7NW1yXx3e3caTAcB9yA49GvRecrP02ZbWqHqnEccV2DrXxdYo7bs4hecFdqQRHUtfoMJGvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=7200
cf-ray: 7c9a81f36ebb1e4e-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 662B 136 KB
47 KB 177ms
96ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fd3429f62cc930c85f023feb786c8bbf5526671a8e3f731741c39db927c9cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47347
x-xss-protection: 0
server: cafe
etag: 18320442219266151747
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:16 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 662B 76 KB
25 KB 177ms
96ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1ddb8ffea8569b01bc4ab2b7787f6350b3b135506b4dbec013acce78e9b867e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25344
x-xss-protection: 0
server: cafe
etag: 535 / 19496 / 31074710 / config-hash: 333621245310265565
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:16 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 662B 87 KB
88 KB 45ms
7ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 20:19:09 GMT
x-content-type-options: nosniff
age: 38946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89476
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 May 2024 20:19:09 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 662B 3 KB
2 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c857fb6fef23c39fcc520009f3bb839d56a5994325e1d86718227938faeddd00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tothemaonline.com/
Origin: https://www.tothemaonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 07:08:16 GMT
content-md5: l6R6DIOJo8r0A1uIsqSD7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: iD5h9lqGHv2n3CqsFCwy42rY460bLEbP5uRp6g/xTEPA/xsDI/8BPxUVXtpZp3vyne2Ltn40RUC9Y5MjIW1KGw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 83f1535804b554ed9f930a27de19f9bc
cross-origin-opener-policy: same-origin-allow-popups
etag: "fdef9b33e673eb14e6464d74743bf709"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 19 May 2023 07:24:58 GMT

GET
H2 200 Google_Play_Store.svg
www.tothemaonline.com/img/ Frame 662B 9 KB
4 KB 36ms
18ms Image
image/svg+xml 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/Google_Play_Store.svg
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 698d9dc0603bf500f26d935fa1386f1f79c33187413daf383dbd83799aa23462

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Mar 2021 14:09:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6128
etag: W/"0afd0248016d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EzzCSUBE5JVJAb2yLKEmAY32JbQ8ajr4CNWhlUe1BbaPufeAEadzmCSYRgdgOiosrbqJsqMIV%2Bx15XtHM%2Bm981I7%2Bw1m02FvFyJAHo9gfdcv1VOK69Q5TYWCly4kvv2%2FMbxdh8mU%2F1yxuCWGeABQH%2BqNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
cf-ray: 7c9a81f8ae051e4e-FRA

GET
H2 200 Apple_Store.svg
www.tothemaonline.com/img/ Frame 662B 12 KB
5 KB 46ms
28ms Image
image/svg+xml 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/Apple_Store.svg
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Mar 2021 14:09:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6128
etag: W/"0afd0248016d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcrqvPv0VJFlL5XCMMM%2BvkXIx%2BsxzM%2BmDX3W%2FTUYHHDZ6CWXzQ00P1N4kw%2BO1qlEPxtCA0V4OWS%2FAk%2BUT%2BFCLclc5AzdeeklIeozzQ9AgoPVGU9RkqftFlVdiRZBqf83mQddeRT4kihWxi5DH7Fiu0F0Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
cf-ray: 7c9a81f8ae061e4e-FRA

GET
H2 200 world_news_media_logo.svg
www.tothemaonline.com/img/ Frame 662B 8 KB
4 KB 57ms
39ms Image
image/svg+xml 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/world_news_media_logo.svg
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3fba6f72333e98747b5a84a42395a844f80f8424bc33b10472a02d6b6387b958

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Mar 2021 14:09:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6128
etag: W/"0afd0248016d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewrQ0Zx4%2FJgPJva7IPsU1dxwL6PmtItdaMuX2bnXGSlQ4CJ%2FwUW3q%2By3RJst0DBh9WpH7fsMRQRa%2BXJYbKZuiWfkXsNwYk3wT0FUj9PDimWbRTJ%2BK2vzRg7Z0WCC7uscZqA9t2HxGx2WhP0YTcupfxgiEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
cf-ray: 7c9a81f8ae071e4e-FRA

GET
H2 200 themasports_logo.svg
www.tothemaonline.com/img/ Frame 662B 3 KB
2 KB 59ms
42ms Image
image/svg+xml 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/themasports_logo.svg
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d030b7b392bd3d0a59dc2ccd82c8a3c974a16bd111b2b292cfb6af424a2cc191

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Mar 2021 14:09:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6128
etag: W/"0afd0248016d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgLqU9Hgl38REoQFp0V58bXYjQ32b54IUNBsWxOempS5Q289iCmHlSgL0YT0WKzSrfaRFzTO43x8gNH9FZKDNmtAGa9O1MHbLIXciCp2TwCD9WX9rLHOZ570UbNUZPoJNjmbPFni6L9YMFK3%2BezY9FkXzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
cf-ray: 7c9a81f8ae091e4e-FRA

GET
H2 200 lifenewscy_logo.svg
www.tothemaonline.com/img/ Frame 662B 3 KB
2 KB 43ms
26ms Image
image/svg+xml 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/lifenewscy_logo.svg
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6bba408c37009bf0815f4871d12bc9a4df8905cadcd87eabbb36303422400d14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Mar 2021 14:09:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6128
etag: W/"0afd0248016d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlx%2FakvYoHqSe9YaM6On1SwUuPRvGpYwCPwL7aFkce9tORtvNiZ82k9pHW4XxaDHS0JKOXEFRs89jTNzOYs%2FKvAsxr4jsjlsYEwn3eXTNgqQbHOkpXOZ4rLKkzL%2FgOvXcfrkKNbhAjwSZaEUfBafzvBvIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
cf-ray: 7c9a81f8ae0d1e4e-FRA

GET
H2 200 socialista_logo.png
www.tothemaonline.com/img/ Frame 662B 2 KB
2 KB 51ms
34ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/socialista_logo.png
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 84180e1697f65e4101dc623065f262374151308d72461d87198b3d3257fdf2f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6121
cf-polished: origFmt=png, origSize=2375
x-powered-by: ASP.NET
content-disposition: inline; filename="socialista_logo.webp"
content-length: 1932
cf-bgj: imgq:100,h2pri
last-modified: Thu, 11 Mar 2021 14:09:26 GMT
server: cloudflare
etag: "0afd0248016d71:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4zCXei5i1oZ3FvM0GR7n1%2FoHLOqDB7Wyj8f2ZK2o%2FSUA4T9YG4fJ8FowEINck40L886I5ZYWeKgGgYi52m%2Bxq%2F8X%2Ft04oWUOjrzCDLnqSdVPer9QSEb0dFMxVQ8DOtDL%2BkcP2DvOjdFfHfHtPWG0nlz4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8ae0f1e4e-FRA

GET
H2 200 to_thema_online_logo_footer.png
www.tothemaonline.com/img/ Frame 662B 3 KB
3 KB 78ms
61ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/to_thema_online_logo_footer.png
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6a15c4647fa1ec8f29d29492c6182ac3ae91779fb842bc70a6fca6999ad2eedf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 672
cf-polished: origFmt=png, origSize=3582
x-powered-by: ASP.NET
content-disposition: inline; filename="to_thema_online_logo_footer.webp"
content-length: 3016
cf-bgj: imgq:100,h2pri
last-modified: Thu, 11 Mar 2021 14:09:26 GMT
server: cloudflare
etag: "0afd0248016d71:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYnaBIPh5RubPDUXz2qBcA3r%2FTAG02BGW3zxwChIIZMtNidjJjduy2TsWFXBHN4nsNT4RIvC0YQe9knjpZlyIJ2TRItTGqF%2FO2eyrN6cE5NP6aheSsRlGI2EW8LE5Lje%2Fe%2Bgbq%2FBpUgh0lRtQS8Faa3XMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be171e4e-FRA

GET
H2 200 top_stories_thumbs.png
www.tothemaonline.com/img/ Frame 662B 110 B
501 B 66ms
49ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/top_stories_thumbs.png
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a3d4dfd11e9e024b09a71eb05330784ac08f8afbbaa6f4ca7d0ac805ad2ae1e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3004
cf-polished: origFmt=png, origSize=1326
x-powered-by: ASP.NET
content-disposition: inline; filename="top_stories_thumbs.webp"
content-length: 110
cf-bgj: imgq:100,h2pri
last-modified: Fri, 09 Sep 2022 12:02:07 GMT
server: cloudflare
etag: "55deeafb43c4d81:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JREdYN0JtM%2Be5fdS3ZvSjJWSY9gTpE37cSZBcG49nxl5aVdXFEIdV30z2Iii6PnHR7blxU%2B7s5ohNBtSPVteRWUR9aOzW9wC6Rfm5wiyZwltjwoTJFqXS8s1PIG7Yup8ClEIFuexbmp4Xha8i1s32RBvmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be1a1e4e-FRA

GET
H2 200 carousel_main_img.png
www.tothemaonline.com/img/ Frame 662B 273 B
806 B 70ms
53ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/carousel_main_img.png
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: eb45768de1e018a349f4a59d14fd3bca8c4dbd082cb24f744586dd5ee9147c75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3004
cf-polished: origFmt=png, origSize=3132
x-powered-by: ASP.NET
content-disposition: inline; filename="carousel_main_img.webp"
content-length: 273
cf-bgj: imgq:100,h2pri
last-modified: Thu, 29 Sep 2022 08:11:18 GMT
server: cloudflare
etag: "1fa597ddbd3d81:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJI4I1U6Hxs%2BLNEXQb2qJhXtV6bPUDRpJgbDgtWiTh1X2Yta7yQs52TxauZQoaQbA%2BnKS1VeTUScLB2HehrPHztgP4fO9C7TADX7DFQGAc2oQfb3QB4uvlFDzPxtaSaf6%2Fe3%2BnomazTBgIMvkh4%2B7iQwJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be1c1e4e-FRA

GET
H2 200 800_500.png
www.tothemaonline.com/img/ Frame 662B 268 B
788 B 202ms
185ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/800_500.png
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 523dc7daefb7fee5576899eb614dc96c3117fe14457249b6be7b645ed3a48649

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=3184
x-powered-by: ASP.NET
content-disposition: inline; filename="800_500.webp"
content-length: 268
cf-bgj: imgq:100,h2pri
last-modified: Tue, 30 Mar 2021 05:55:47 GMT
server: cloudflare
etag: "7537ee542925d71:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uhm7jUhN4KkWj9d%2F1Qk5p1AHSJwQGtXt4gcyCC%2FQOjKiu0D4iZAMltkVl40kAlT4S3l4k%2B%2FD%2Fl55p0zI%2F6e6U23aKE1%2BQ2rpa94n%2Fm1x7h%2BgDiPcggcc00ZZi4ps2ZHRJqI%2BZDGEa5%2Bq0cBYOJ%2BRVVVKtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be1d1e4e-FRA

GET
H/1.1 200
OK d89746888da2d9510b64a9f031eaecd5.gif
www.cytoday.com.cy/ads/www/images/ Frame 895E 42 B
278 B 1102ms
11ms Image
image/gif 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/images/d89746888da2d9510b64a9f031eaecd5.gif
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=65&zoneid=18&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:15 GMT
Last-Modified: Mon, 29 Aug 2016 12:34:36 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK lg.php
www.cytoday.com.cy/ads/www/delivery/ Frame 895E 43 B
516 B 1131ms
39ms Image
image/gif 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/delivery/lg.php?bannerid=255&campaignid=110&zoneid=18&loc=http%3A%2F%2Fcytoday.eu%2F&cb=1ffad0c2f3
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=65&zoneid=18&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:08:15 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK a6d8fedbefd9d6876d13470c34f00899.jpg
www.cytoday.com.cy/ads/www/images/ Frame 6E43 18 KB
18 KB 1102ms
10ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/images/a6d8fedbefd9d6876d13470c34f00899.jpg
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=120&zoneid=59&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: aebc858b3ecd13958ea8d80d864c5e0af44b1240b77646d3c81e8b4d789cd8ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:15 GMT
Last-Modified: Wed, 18 Apr 2018 10:19:13 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 18229

GET
H/1.1 200
OK lg.php
www.cytoday.com.cy/ads/www/delivery/ Frame 6E43 43 B
516 B 1131ms
39ms Image
image/gif 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/delivery/lg.php?bannerid=600&campaignid=315&zoneid=59&loc=http%3A%2F%2Fcytoday.eu%2F&cb=e0b05a2550
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=120&zoneid=59&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:08:15 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 0ECF 573 B
891 B 8ms
8ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/PkIO0W5ZNDQ.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/PkIO0W5ZNDQ.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: lRrh78c9+iGre299SveMWQwzeVWOlyzbqAscFjFXH3uffmRvzThmnjJiglTAhk8zcrCBxAcDAEP6Or5tVNSaUA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Thu, 09 May 2024 23:50:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 662B 13 KB
1 KB 493ms
19ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,400&display=swap

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/assets/css/style.css?v=62

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c7a60ff8091ac08fdd8b89f5f67c039f1234303d4ae00eb79c24c40eac4c4ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/assets/css/style.css?v=62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 May 2023 06:53:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 May 2023 07:08:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 662B 5 KB
532 B 502ms
28ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Spartan:wght@300;400;500;600;700;800&display=swap

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/assets/css/style.css?v=62

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e59d343e355646b2ec9bb7c1a58a2eebbea65a847e614e5ff13917eae54a9fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/assets/css/style.css?v=62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 May 2023 06:46:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 May 2023 07:08:15 GMT

GET
H/1.1 200
OK newsview.php Show response
xtenzio1.com/ Frame 29C8 639 B
819 B 372ms
50ms Document
text/html 213.133.111.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xtenzio1.com/newsview.php
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=65&zoneid=18&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.133.111.3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: smtp1-1.xtenzio.com
Software: Apache / PleskLin
Resource Hash: ba50e77487e64f9fc95e19c377874845015c53f4ea08541a434d0e0e35c39bf7

Request headers

Referer: https://cytoday.com.cy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Type: text/html
Date: Fri, 19 May 2023 07:08:16 GMT
Server: Apache
Transfer-Encoding: chunked
X-Powered-By: PleskLin

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 6E43 51 KB
21 KB 462ms
12ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=120&zoneid=59&cb=INSERT_RANDOM_NUMBER_HERE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 06:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1956
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 08:35:39 GMT

GET
H2 200 10534eb1-f252-4266-bd7f-94b0260f647a_3.png
images.tothemaonline.com/img/path/ Frame 662B 617 KB
618 KB 74ms
55ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.tothemaonline.com/img/path/10534eb1-f252-4266-bd7f-94b0260f647a_3.png
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2e1697fef8f386fe8d38f69e45cb1c791de8e1ccdf2359846ca9da4dca70559b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6326
cf-polished: origFmt=png, origSize=950126
x-powered-by: ASP.NET
content-disposition: inline; filename="10534eb1-f252-4266-bd7f-94b0260f647a_3.webp"
content-length: 631688
cf-bgj: imgq:100,h2pri
last-modified: Fri, 12 May 2023 10:39:39 GMT
server: cloudflare
etag: "26b5a5dbe84d91:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6ixm5lVH0eOLPpJ%2FyuNhWAXOsxeYc5tUQH94mQr8f6kl9HrPDWDxpNtPphnnTBUUHc4JZvaXHFwcsEDfQKxLiWjc2QQxHw%2BJZebZiysx9%2F93035e8t7JE9Jg9%2BkGjyJwe5OPenPwLOSehMTL6pw30YJarfwnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be2b1e4e-FRA

GET
H2 200 dc0af443-3d6f-4c4b-95e4-3e4004ea34bb_profile_2.png
images.tothemaonline.com/img/path/ Frame 662B 817 KB
818 KB 78ms
60ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.tothemaonline.com/img/path/dc0af443-3d6f-4c4b-95e4-3e4004ea34bb_profile_2.png
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 05ea13d8ed892263f26efb80aa9d2954d46ed608d7f1542400e667026ffb824a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6326
cf-polished: origFmt=png, origSize=1799105
x-powered-by: ASP.NET
content-disposition: inline; filename="dc0af443-3d6f-4c4b-95e4-3e4004ea34bb_profile_2.webp"
content-length: 836392
cf-bgj: imgq:100,h2pri
last-modified: Wed, 18 Jan 2023 13:37:26 GMT
server: cloudflare
etag: "c44ec80422bd91:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUOMT3phzgDK4F%2FqfZWmZkyE28CZwr83%2FonL9QgePFqV7gDoUU%2FyWsKRKvjrWEYX3IikET7lhC0%2Fql9xF2CdvCNj052iVu2UYiRJqBILeIfRFbvlKtMlC9apXsDYRDt%2Bw0siplabA8FMO2o%2F6cKM9uJUfkYA8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be2c1e4e-FRA

GET
H2 200 087a6b37-4f39-41ca-afac-e59efc743bc3_067cd67a-77be-4184-b8ab-7b1b497b7f83_TO%20THEMA%20NEW%20APP-02.jpg
images.tothemaonline.com/img/path/ Frame 662B 58 KB
58 KB 77ms
59ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.tothemaonline.com/img/path/087a6b37-4f39-41ca-afac-e59efc743bc3_067cd67a-77be-4184-b8ab-7b1b497b7f83_TO%20THEMA%20NEW%20APP-02.jpg
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 640b5c7b44c28222525b21c62fcc914d4c284886da90510e94f8e98bed8a57c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6326
cf-polished: origFmt=jpeg, origSize=106937
x-powered-by: ASP.NET
content-disposition: inline; filename="087a6b37-4f39-41ca-afac-e59efc743bc3_067cd67a-77be-4184-b8ab-7b1b497b7f83_TO%20THEMA%20NEW%20APP-02.webp"
content-length: 58978
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Mar 2021 18:37:57 GMT
server: cloudflare
etag: "e32c2a9ee11d71:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1UNOya5zKFM8JurfUHeUV0do0DUxiEi6jqIxZHK1s5dJVFqrISTsv1Ec2ikrKht3s0NA1RgHEnDnN26HebMLytr%2B41Ynds8CpDS7GsHXomvLzoRQa0wgohvcHzsiCuj7OvLRn8tO9cN8VqIBEjwwJ4DtRaj7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be2d1e4e-FRA

GET
H2 200 d0cb603b-d08e-4ce2-bdd4-5be09556d510_next_new.jpg
images.tothemaonline.com/img/path/ Frame 662B 24 KB
25 KB 77ms
59ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.tothemaonline.com/img/path/d0cb603b-d08e-4ce2-bdd4-5be09556d510_next_new.jpg
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e618106c2a10c644ce2c9e1f470f69486b68bbe286d6570a44f32d99f7eeac3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6326
cf-polished: origFmt=jpeg, origSize=45246
x-powered-by: ASP.NET
content-disposition: inline; filename="d0cb603b-d08e-4ce2-bdd4-5be09556d510_next_new.webp"
content-length: 24848
cf-bgj: imgq:100,h2pri
last-modified: Wed, 21 Sep 2022 11:25:16 GMT
server: cloudflare
etag: "8a78e9d2accdd81:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xq00xyxWAvGdftxd0UHnEhaJYRl6uQUvSi0WubjmtdFXOrmzKTuag9NNsp6kdg0TcBSNG0bssCANbbqRW1jVQRD9Rs5yWHNG%2F9tjQwiuIT%2BZUOz8foLupt%2BG07lrAJTOStJKMC86pc2JtnOzNEUHyJ0ySJZAiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be2a1e4e-FRA

GET
H2 200 thumb_900_600.png
www.tothemaonline.com/img/ Frame 662B 332 B
727 B 78ms
62ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/thumb_900_600.png
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d4b3d09942e86b4924d2eab08edd8830f9448aab165d29a0b3b9ab79f2fd59ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 672
cf-polished: origFmt=png, origSize=3863
x-powered-by: ASP.NET
content-disposition: inline; filename="thumb_900_600.webp"
content-length: 332
cf-bgj: imgq:100,h2pri
last-modified: Sat, 10 Sep 2022 07:00:11 GMT
server: cloudflare
etag: "8a1fdf8e2c4d81:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twoMvS%2BlHX5lHIHQlmO5RM4kQYu5%2BHnRfAbW3TArWzQ4JuC%2FvZImpCcqICCXppgHK0o7kn%2B9gKCWExtJBvqFQD0xtT91rSivGTXy2uBf4z0w0V%2FEYWmuWY%2BeNR9o8OgQQIdIzy5x7jyEDH%2FIiT4yCeVdiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be1f1e4e-FRA

GET
H2 200 thumb_143_110.png
www.tothemaonline.com/img/ Frame 662B 102 B
501 B 194ms
178ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/thumb_143_110.png
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5f240ee48f59813b40eb7886578d2e57cc2a4966ad3a00a216907ab5e379cf32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1129
x-powered-by: ASP.NET
content-disposition: inline; filename="thumb_143_110.webp"
content-length: 102
cf-bgj: imgq:100,h2pri
last-modified: Sat, 10 Sep 2022 07:15:18 GMT
server: cloudflare
etag: "6aeaf114e5c4d81:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcJk37cUh9KTUnfoYEnaZ%2BLkOT5KY3o%2BWmKxxeK0Jezovolt7lLV%2FsrFu3lIWA74G20wuDRwlper%2B77jlhMrvxyrN972mSVyUmJ%2FjcouhjAPyJNUcJYqg98OoAvDIQ8gBpgk9ICWmKGHCtABmthIiRnzMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be201e4e-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 662B 136 KB
47 KB 82ms
67ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1946006275855017

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8ccf9b8b8999eebf5923cdad4d6fe3ebce5cf7e1c67e6c87aaedb2ce2edc7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tothemaonline.com/
Origin: https://www.tothemaonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47479
x-xss-protection: 0
server: cafe
etag: 15258035199698056847
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:16 GMT

GET
H2 200 o_nomikos_tou_diavolou.jpg
www.tothemaonline.com/img/ Frame 662B 20 KB
20 KB 241ms
226ms Image
image/jpeg 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/o_nomikos_tou_diavolou.jpg
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 31d922826754bc6a1bdceb84c4173da905cf9e9b4866a96f9cac0c729ed142eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
cf-polished: origSize=23237, status=webp_bigger
content-length: 20159
cf-bgj: imgq:100,h2pri
last-modified: Wed, 31 Aug 2022 09:20:51 GMT
server: cloudflare
etag: "141cff71abdd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHe%2Fv1otAsGR%2FskBrPUmik8hB9J6vZj%2BiyfGhtMSTxsp4XsP%2BsLqPb2eK4a4J50pcN5%2Fa458OjUuziY81WmCNKXHrqChF4cz0PVqI9iYXv%2Fw2bMnCOf1l3V1QKVu3qrGNx7ZdnNc8TWoNtVdA2envzJ1SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be231e4e-FRA

GET
H2 200 element_2.png
www.tothemaonline.com/media/elements/ Frame 662B 528 B
912 B 212ms
196ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/media/elements/element_2.png
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 60ef701a9e3a323a0b981b412ab596a7a10a63b990f836c5e70f1cd7f4fc2d40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=748
x-powered-by: ASP.NET
content-disposition: inline; filename="element_2.webp"
content-length: 528
cf-bgj: imgq:100,h2pri
last-modified: Mon, 05 Sep 2022 12:33:41 GMT
server: cloudflare
etag: "19b13cbb23c1d81:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mr2VzkCpSxmKhrFPTzuMJTP9xdb0GIiZBmi2zazwvdeX27u9hxMrBoOljAS8GsZ4BmHtTTgB9c7NwTXZybccHQV74yR9WEZcMIolJegRjHo9MHo0b%2FExCfaaWqtoxq%2B8Twu7xJ%2Bu4nB9UGZlIeSvJtjAIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be241e4e-FRA

GET
H2 200 element_3.png
www.tothemaonline.com/media/elements/ Frame 662B 386 B
775 B 195ms
180ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/media/elements/element_3.png
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 846ff7dd11671dcc228d1a51bfddf2663145e13eeab7c885ae386fa16c4c0b0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=589
x-powered-by: ASP.NET
content-disposition: inline; filename="element_3.webp"
content-length: 386
cf-bgj: imgq:100,h2pri
last-modified: Mon, 05 Sep 2022 12:33:41 GMT
server: cloudflare
etag: "53ec44bb23c1d81:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXOmo%2BPD6pJpaflb2J0fkL66mfrhgGan9uPOt0juwNDWwLA21yxvXnLEvjZ%2Bf2lKXNP7gZmazK%2BClPwEUNLps0HI4M3q00%2FzRU8cbWjMQcdi58ReTKzy8jGUTXBdLFTb0m4%2Fr%2B%2BK91w6SNRsDqsnSXiBKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be251e4e-FRA

GET
H2 200 element_4.png
www.tothemaonline.com/media/elements/ Frame 662B 5 KB
5 KB 238ms
223ms Image
image/png 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/media/elements/element_4.png
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f8866a2e3d9a0379d0a84978a81b7f94c7c6143a8e3adb3fa7114f0b25d64718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
cf-polished: status=not_needed
content-length: 4624
cf-bgj: imgq:100,h2pri
last-modified: Mon, 05 Sep 2022 12:33:41 GMT
server: cloudflare
etag: "1c7646bb23c1d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqFgUoIDPZ5mYD4%2FIjPrynJVbZY7zi7WaKP46nbqbKWiUdSiem1QSS2Po%2BI963XUN7F6cfdQ7PQKgbhoxLErPAjhJJYQyU0w2Nu0VCCuTfyHVy4mrSHfDfxA8gyiEb7RoXDodtnxF%2BGzlf4dqcxuGpWExQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be261e4e-FRA

GET
H2 200 themasports_ol_logo.svg
www.tothemaonline.com/img/ Frame 662B 3 KB
2 KB 71ms
56ms Image
image/svg+xml 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/themasports_ol_logo.svg
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 21036e66f4b87a6bab47e326b0be63e4941b632152e988d7fa43f0e6d51b0322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Mar 2021 14:09:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3007
etag: W/"0afd0248016d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDoPTxyHfKmoroExye4QwsRESLUB43dUwyvX6z%2F5WR27jP%2FFYOMW1lCHjRMPnhuP6XlaQcp%2FjBJN15nxUhhFLu1HhHXHWD4t1enJ5ETFm83LET1POnjcc0XvQRRWdZnK6JqxF0y4b1tVXjx17PC3ftFPiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
cf-ray: 7c9a81f8be271e4e-FRA

GET
H2 200 email-decode.min.js Show response
www.tothemaonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 662B 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tothemaonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 May 2023 10:15:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6465facd-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AT3N9Y0YauMziDCbMd7wy1pPDqFtP8XUWbFEox7nPY76ypOZylVnXa6e4XpiS9ASFwzxJiE3DDzOU%2BhwC8xy3FennOlH%2FxBJaU41mdlD653wioAZP4oVX3bwyICoYU%2FUmbcQcmq0ttGNUYADluDGjfOqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7c9a81f78c741e4e-FRA
expires: Sun, 21 May 2023 07:08:15 GMT

GET
H2 200 close_btn.png
www.tothemaonline.com/img/ Frame 662B 17 KB
18 KB 58ms
44ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tothemaonline.com/img/close_btn.png
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6a89431d4b5f6dcc37d448bf2eda662118c4402859875ec9a38b4ea44c3fe251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6121
cf-polished: origFmt=png, origSize=48757
x-powered-by: ASP.NET
content-disposition: inline; filename="close_btn.webp"
content-length: 17818
cf-bgj: imgq:100,h2pri
last-modified: Tue, 16 Nov 2021 20:09:10 GMT
server: cloudflare
etag: "2ea086d125dbd71:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1PF0XpFD8eGUrhcC6NIBvPUdBobCLfIJUyJ8ductdv926PP%2FiQ7RS1vYZGaiz397XhwS43DCb3EkoRL870uQN1e7ZaeYD8MCzpHqEKJW6IMSsabBKusl1wBD5NplaaeQzk8NbV1utTsXm3q3DQHP1aWEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7c9a81f8be281e4e-FRA

GET
H2 200 bootstrap.min.js Show response
www.tothemaonline.com/dependencies/bootstrap/js/ Frame 662B 59 KB
17 KB 28ms
27ms Script
application/javascript 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tothemaonline.com/dependencies/bootstrap/js/bootstrap.min.js
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e605a83f842cfcdba6511b64921aa3cc3fc9c579bf9f412db24c8d3d565535d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Sep 2022 12:33:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2322
etag: W/"0ea3cba23c1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTswWjhLUT1aT3HI7CNO2MbQsIle%2FmCtOCBpBizew%2FDe%2FYJiA1wkOQwHKr9OfqPNn2LklH8zpLe0g8zqu3Q3dmfu0MrmmEilXO75s6ngNlq71921yHuVE0UB5QRNtByy0tNwKCZHBdqI26vuJ8PeA%2BRoPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 7c9a81f7bcb61e4e-FRA

GET
H2 200 swiper.min.js Show response
www.tothemaonline.com/dependencies/swiper/js/ Frame 662B 142 KB
39 KB 29ms
28ms Script
application/javascript 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tothemaonline.com/dependencies/swiper/js/swiper.min.js
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 515b83580607a0740411c249a43b9a699a352def59e5833692f88dfc0c82fffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Sep 2022 12:33:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1242
etag: W/"1cdebba23c1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dokhQ2W%2BhdJR40kyuw2Y%2F5jZr2gRHaH0%2BVVpkaWanhpZjs5hkiPTGCVOgtPnOoDfSXGbWjrY9WhMh3IEDm56wkGLtVdDN%2BKTaJpfd8PoLUNmK4yRfyQ8i5YO2IDXXHC4YiHqEAPZmY%2FqOMdqLQCBFrE7SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 7c9a81f87da41e4e-FRA

GET
H2 200 resize-sensor.min.js Show response
www.tothemaonline.com/dependencies/theia-sticky-sidebar/ Frame 662B 2 KB
1 KB 27ms
14ms Script
application/javascript 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tothemaonline.com/dependencies/theia-sticky-sidebar/resize-sensor.min.js
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 758e0bc527b49b78b76897cfb4c14bd776bc8cfefd7c6500a52a7166a0dc50a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Sep 2022 12:33:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6291
etag: W/"f632edba23c1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQJt6tK%2BfIUP3FLVkz1TU8l4u%2BuORZ9ARW2CS7%2F6WiZqXxkzR0SSGOjQS5SyAXEfhcataVf5Oac6hnVRAIynhgmggoOU3R8FSMOsV6atxir34EBYgjWOO0IxP0lYCoNg09KljTI%2BefW6QVCOAvAmlIysTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 7c9a81f89dea1e4e-FRA

GET
H2 200 theia-sticky-sidebar.min.js Show response
www.tothemaonline.com/dependencies/theia-sticky-sidebar/ Frame 662B 5 KB
2 KB 42ms
23ms Script
application/javascript 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tothemaonline.com/dependencies/theia-sticky-sidebar/theia-sticky-sidebar.min.js
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d617fafbbb3d8e05d94b146ee8efd33122393722026dac23b405bc3b1a115b21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Sep 2022 12:33:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1242
etag: W/"aa7fefba23c1d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54HxOcCuVj9EJnrxzDA4v2h3WrnLzYND5tJeDOTqWnreexlK0v%2B6R40Sj5pMkOU0V3VLkHpU95gIykFnG25rFcG1TJk4qjpCZWd5pFqM33ZUWXaSEJuGlpI3DmcE8GNxkLwmrrOAxZO0JQQCFAg38CbwYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 7c9a81f8ae011e4e-FRA

GET
H2 200 tween-max.js Show response
www.tothemaonline.com/dependencies/tween-max/ Frame 662B 112 KB
39 KB 53ms
34ms Script
application/javascript 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tothemaonline.com/dependencies/tween-max/tween-max.js
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b34e26ab9a8d7fae9b41f0c72ecdc5b26fbfdc94005639e5a21492a6f443532d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5709
cf-polished: origSize=193966
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Mon, 05 Sep 2022 12:33:41 GMT
server: cloudflare
etag: W/"ac83f5ba23c1d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZRso%2Bz5nXlXN%2Fcy6wHoL1aS6eed%2FF7IvAjTUYkRYoVgJxfZ20ywNAe%2F860e0mJWkxWiBKXEDpkTeS60FRfS9N5oKEshrSbgIQc%2BQf4AyE8ApLhBKSpTGSJgPIixH2Oq3cDuFWvJ4c0FJZPz24GeUqt7Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 7c9a81f8ae021e4e-FRA

GET
H2 200 app.js Show response
www.tothemaonline.com/assets/js/ Frame 662B 11 KB
3 KB 39ms
20ms Script
application/javascript 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tothemaonline.com/assets/js/app.js?v=7
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0c54a6381fae81ec651384ca6678474635d6117365285b6288579718d10456c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1241
cf-polished: origSize=25071
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Fri, 30 Sep 2022 06:01:00 GMT
server: cloudflare
etag: W/"dfd91e492d4d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WD9aUsUGyrsc4FPUHxIgU7JRyM6FD%2Fkq%2Bdjm04MDEAH6KR8fZSmz%2FOOGFMzcYCfrkfr4iNN2eNevmx7pJKWGVwEhrsMvKtoxJqbGpd%2BlngddthWoneR4B09dab4IfyXwpuuoiMx93v9QCpnIV6SJIBsY6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 7c9a81f8ae041e4e-FRA

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ Frame 662B 9 KB
3 KB 101ms
23ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2550
etag: W/"06f50014011c1fcd9e21b6b0481979de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7c9a81f9183b03d0-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 22 May 2023 07:08:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 895E 51 KB
20 KB 452ms
14ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=65&zoneid=18&cb=INSERT_RANDOM_NUMBER_HERE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 06:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1956
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 08:35:39 GMT

GET
H/1.1 200
OK f147590770d04ca2fd57e181e0ef798e.jpg
www.cytoday.com.cy/ads/www/images/ Frame 44B6 44 KB
44 KB 640ms
11ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/images/f147590770d04ca2fd57e181e0ef798e.jpg
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=75&zoneid=5&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 2208187333e71f82e2b7bd5b3cbed90f42f10e5563acf5dc1c5b74ba8ce3f011

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:15 GMT
Last-Modified: Fri, 20 Mar 2020 13:33:18 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 44851

GET
H/1.1 200
OK lg.php
www.cytoday.com.cy/ads/www/delivery/ Frame 44B6 43 B
516 B 681ms
38ms Image
image/gif 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/delivery/lg.php?bannerid=604&campaignid=315&zoneid=5&loc=http%3A%2F%2Fcytoday.eu%2F&cb=4d2f5cd9cf
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=75&zoneid=5&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:08:15 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK lg.php
www.cytoday.com.cy/ads/www/delivery/ Frame 5704 43 B
516 B 699ms
42ms Image
image/gif 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=57&loc=http%3A%2F%2Fcytoday.eu%2F&cb=ab5b02a633
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=120&zoneid=57&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:08:15 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 54736c079e85dbd8176a999436136523.jpg
www.cytoday.com.cy/ads/www/images/ Frame 0146 42 KB
42 KB 659ms
18ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/images/54736c079e85dbd8176a999436136523.jpg
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=95&zoneid=7&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 8d2fd8f1fcb109cc3f315f8f1df48f4a49cc1486d803e4c2b0c54f60e28de0aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:15 GMT
Last-Modified: Fri, 20 Mar 2020 13:31:36 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 42804

GET
H/1.1 200
OK lg.php
www.cytoday.com.cy/ads/www/delivery/ Frame 0146 43 B
516 B 682ms
39ms Image
image/gif 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/delivery/lg.php?bannerid=602&campaignid=315&zoneid=7&loc=http%3A%2F%2Fcytoday.eu%2F&cb=25daf7334e
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=95&zoneid=7&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:08:15 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK df5787d389b2a54a671da24f0b8fb365.jpg
www.cytoday.com.cy/ads/www/images/ Frame BE50 46 KB
46 KB 667ms
23ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/images/df5787d389b2a54a671da24f0b8fb365.jpg
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=90&zoneid=8&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: f643ed499751de274e8ad94ee3d7e78eb73e09af440cc5f63ec4e24fdd1e2542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:15 GMT
Last-Modified: Fri, 20 Mar 2020 13:53:05 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 46854

GET
H/1.1 200
OK lg.php
www.cytoday.com.cy/ads/www/delivery/ Frame BE50 43 B
516 B 712ms
39ms Image
image/gif 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/delivery/lg.php?bannerid=606&campaignid=315&zoneid=8&loc=http%3A%2F%2Fcytoday.eu%2F&cb=f2095dfed6
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=90&zoneid=8&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:08:15 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 44B6 51 KB
20 KB 27ms
20ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=75&zoneid=5&cb=INSERT_RANDOM_NUMBER_HERE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 06:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1956
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 08:35:39 GMT

GET
H/1.1 200
OK 0db292b06a489ab117e0f2a8e1cf0354.jpg
www.cytoday.com.cy/ads/www/images/ Frame BDA1 49 KB
50 KB 695ms
13ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/images/0db292b06a489ab117e0f2a8e1cf0354.jpg
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=70&zoneid=4&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 47e27e5aeff0e1eb4cd57c105721ca231f2b88442b94522bf042fd08b7a53df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:15 GMT
Last-Modified: Fri, 20 Mar 2020 13:32:09 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 50469

GET
H/1.1 200
OK lg.php
www.cytoday.com.cy/ads/www/delivery/ Frame BDA1 43 B
516 B 720ms
38ms Image
image/gif 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/delivery/lg.php?bannerid=603&campaignid=315&zoneid=4&loc=http%3A%2F%2Fcytoday.eu%2F&cb=f6896723ee
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=70&zoneid=4&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:08:15 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 0db292b06a489ab117e0f2a8e1cf0354.jpg
www.cytoday.com.cy/ads/www/images/ Frame B46E 49 KB
50 KB 685ms
11ms Image
image/jpeg 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/images/0db292b06a489ab117e0f2a8e1cf0354.jpg
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=100&zoneid=22&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 47e27e5aeff0e1eb4cd57c105721ca231f2b88442b94522bf042fd08b7a53df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:16 GMT
Last-Modified: Fri, 20 Mar 2020 13:32:09 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 50469

GET
H/1.1 200
OK lg.php
www.cytoday.com.cy/ads/www/delivery/ Frame B46E 43 B
516 B 715ms
41ms Image
image/gif 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/delivery/lg.php?bannerid=603&campaignid=315&zoneid=22&loc=http%3A%2F%2Fcytoday.eu%2F&cb=6c95790467
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=100&zoneid=22&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:08:16 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 0146 51 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=95&zoneid=7&cb=INSERT_RANDOM_NUMBER_HERE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 06:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1956
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 08:35:39 GMT

GET
H/1.1 200
OK lg.php
www.cytoday.com.cy/ads/www/delivery/ Frame 3CA1 43 B
516 B 699ms
38ms Image
image/gif 148.251.165.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cytoday.com.cy/ads/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=12&loc=http%3A%2F%2Fcytoday.eu%2F&cb=2145670c83
Requested by: Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=120&zoneid=12&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.165.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.175.165.251.148.clients.your-server.de
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:08:16 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame BE50 51 KB
20 KB 54ms
43ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=90&zoneid=8&cb=INSERT_RANDOM_NUMBER_HERE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 06:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1956
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 08:35:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame BDA1 51 KB
20 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=70&zoneid=4&cb=INSERT_RANDOM_NUMBER_HERE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 06:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1956
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 08:35:39 GMT

GET
H2

404

c2g_fullscreen_scroll.css
www.com2go.com/newcreatives/demo2/assets/advScripts/css/
Redirect Chain

http://com2go.com/newcreatives/demo2/assets/advScripts/css/c2g_fullscreen_scroll.css
https://www.com2go.com/newcreatives/demo2/assets/advScripts/css/c2g_fullscreen_scroll.css

0
0

370ms
111ms

Stylesheet
text/html

95.216.18.154
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.com2go.com/newcreatives/demo2/assets/advScripts/css/c2g_fullscreen_scroll.css
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: H2
Server: 95.216.18.154 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hel.com2go.org
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cytoday.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Location: https://www.com2go.com/newcreatives/demo2/assets/advScripts/css/c2g_fullscreen_scroll.css
Date: Fri, 19 May 2023 07:08:15 GMT
Server: Apache
Connection: close
Content-Length: 297
Content-Type: text/html; charset=iso-8859-1

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame B46E 51 KB
20 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=100&zoneid=22&cb=INSERT_RANDOM_NUMBER_HERE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cytoday.com.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 06:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1956
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 08:35:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 662B 157 KB
57 KB 102ms
25ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TCS4QL4

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e62fd4decd933ac13a710f2b657ef36323658542ef0adb703d90dc562c543787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57844
x-xss-protection: 0
last-modified: Fri, 19 May 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 07:08:16 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 662B 3 KB
2 KB 41ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c857fb6fef23c39fcc520009f3bb839d56a5994325e1d86718227938faeddd00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 07:08:16 GMT
content-md5: l6R6DIOJo8r0A1uIsqSD7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: iD5h9lqGHv2n3CqsFCwy42rY460bLEbP5uRp6g/xTEPA/xsDI/8BPxUVXtpZp3vyne2Ltn40RUC9Y5MjIW1KGw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 83f1535804b554ed9f930a27de19f9bc
cross-origin-opener-policy: same-origin-allow-popups
etag: "fdef9b33e673eb14e6464d74743bf709"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 May 2023 07:24:58 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 662B 106 KB
27 KB 41ms
20ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 May 2023 07:08:16 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: TG0re0U9+QaCRRtudkMYV2OtiJJIQ1Sn40H19R/EP018uYvZ+3JGvVhCCeaGaIV/GEh+ZExedqWLR9ETF2yStg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 29C8 51 KB
20 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: xtenzio1.com
URL: https://xtenzio1.com/newsview.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xtenzio1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 06:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1957
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 08:35:39 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 662B 301 KB
85 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a1afaa898cd69001ae2ba894cdf91234

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf932a393aa009f8c8c382a3f875c5fa9975c4eb26ca2643bbb5eef842bead81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tothemaonline.com/
Origin: https://www.tothemaonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 07:08:16 GMT
content-md5: JyXQIHj8uSWX1+5NvDTpUg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87159
x-fb-rlafr: 0
x-fb-debug: rPb/EgOf1/NUCN1l7LOnLIUcFy54bnjwCSRQKejsGz6/mSIJ3RC3wM21+f48GJOEiYPy01n7oBrBzfHiRevOqQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 722ca14367915e26f968fd8593768087
cross-origin-opener-policy: same-origin-allow-popups
etag: "64e50770ea87fb39d3806b0a0fe337c5"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 18 May 2024 05:02:01 GMT

GET
H3 200 800675353857210 Show response
connect.facebook.net/signals/config/ Frame 662B 300 KB
86 KB 59ms
58ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/800675353857210?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97dedc182efdc13aa68bc47c6dc070bbb31b0a6b7601768ce73e20b80953242e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 May 2023 07:08:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: GnkozA5twULAR30imzQ6u9RISA5qehGy23PWREaR2Q7mYbpKAfbWX9Bue16RJeLelIyRcYXU5I8sAf+nx2XbBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/ Frame 662B 355 KB
120 KB 106ms
104ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1946006275855017&plah=www.tothemaonline.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1946006275855017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88588caa6221f1e64548aa532e6e1cc47feb67f244a0f890be1889952860fd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122596
x-xss-protection: 0
server: cafe
etag: 17660834070339854132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/ Frame 00A5 10 KB
5 KB 39ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1946006275855017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 20:14:39 GMT
etag: 15057649708203361565
expires: Thu, 01 Jun 2023 20:14:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/ Frame 662B 407 KB
126 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:53:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 906
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128419
x-xss-protection: 0
server: cafe
etag: 9945815184239927542
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 18 May 2024 06:53:10 GMT

GET
H2 200 2211971d5e0fa597bb2c72aab246d324.js Show response
cdn.cookie-script.com/s/ Frame 662B 388 KB
50 KB 69ms
19ms Script
application/javascript 116.203.90.127
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookie-script.com/s/2211971d5e0fa597bb2c72aab246d324.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCS4QL4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.203.90.127 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.127.90.203.116.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b59e259f90c1c6b998ae9757ffb23575e50c925d6a08ca1ff281345aa1f20366

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 14:21:16 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"b8e1ab3004102c10f7f6707aa681df2f"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 662B 117 KB
46 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-43789013-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCS4QL4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50c156adeaa92b60b22c6572e0a0134f596701a1c62bfadbafbfa5adea0fe27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46549
x-xss-protection: 0
last-modified: Fri, 19 May 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 07:08:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 662B 224 KB
79 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7ZKH09CT69&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCS4QL4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5e9635a59793bd14e49a8560dc419bb7ecabe2d2819d413db1838d3794fdc7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80423
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 May 2023 07:08:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 662B 223 KB
79 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J7RS52TMNC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCS4QL4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adf803ef6300ff1668bc3a85c840c60d41079c1aa1d1fba1f373f87262e641ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80351
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 May 2023 07:08:16 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ Frame 662B 284 KB
68 KB 31ms
30ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2551
etag: W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7c9a81fc8c2703d0-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 22 May 2023 07:08:16 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 662B 0
127 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=464103000617648&ev=fb_page_view&dl=https%3A%2F%2Fwww.tothemaonline.com%2F&rl=http%3A%2F%2Fcytoday.eu%2F&if=true&ts=1684480096755&sw=1600&sh=1200&at=

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 May 2023 07:08:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 662B 107 B
531 B 45ms
21ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tothemaonline.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1946006275855017&plah=www.tothemaonline.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 662B 107 B
456 B 45ms
18ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tothemaonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3153 603 B
218 B 127ms
126ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1946006275855017&output=html&adk=1812271804&adf=3279755399&plat=1%3A147968%2C2%3A147968%2C3%3A2163200%2C4%3A2163200%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fcytoday.eu%2F&ea=0&pra=5&wgl=1&dt=1684480096394&bpp=7&bdt=1135&idt=373&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&nras=1&correlator=7459885805512&frm=24&ife=1&pv=2&ga_vid=1546676210.1684480097&ga_sid=1684480097&ga_hid=1182705147&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2773230960&scr_x=-12245933&scr_y=-12245933&eid=44792108%2C44759842%2C44759927%2C44759876%2C31074546%2C31074690%2C44788441%2C44792089&oid=2&pvsid=4158685256257974&tmod=213473809&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.cmvrw6aggsau&fsb=1&dtd=393

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:08:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ Frame 662B 0
18 B 10ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=800675353857210&ev=PageView&dl=https%3A%2F%2Fwww.tothemaonline.com%2F&rl=http%3A%2F%2Fcytoday.eu%2F&if=true&ts=1684480096803&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&it=1684480096362&coo=false&rqm=GET

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 May 2023 07:08:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 662B 51 KB
20 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43789013-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 06:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1957
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 08:35:39 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A78 603 B
67 B 123ms
123ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1946006275855017&output=html&h=100&slotname=4023649764&adk=2185297144&adf=94566886&pi=t.ma~as.4023649764&w=300&format=300x100&url=http%3A%2F%2Fcytoday.eu%2F&ea=0&wgl=1&dt=1684480096401&bpp=2&bdt=1142&idt=430&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7459885805512&frm=24&ife=1&pv=1&ga_vid=1546676210.1684480097&ga_sid=1684480097&ga_hid=1182705147&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2773230960&scr_x=-12245933&scr_y=-12245933&eid=44792108%2C44759842%2C44759927%2C44759876%2C31074546%2C31074690%2C44788441%2C44792089&oid=2&pvsid=4158685256257974&tmod=213473809&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=2.filntamxjo4q&fsb=1&dtd=455

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:08:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 662B 497 KB
47 KB 344ms
343ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4158685256257974&correlator=725209837418552&eid=31074682%2C31074685%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fifs&iu_parts=94718406%2CToThemaOnline%2CHome_page_300x250_1%2CHome_page_300x250_2%2CHome_page_300x250_3%2CHome_page_300x250_4%2CHome_page_300x250_5%2CHome_page_300x250_6%2CHome_page_728x90_1%2CHome_page_728x90_2%2CHome_page_728x90_3%2CHome_page_728x90_4%2CHome_page_728x90_5%2CHome_page_specialformats%2CHomepage_300_250_politics%2CGeneric_Skin120x600%2CGeneric_Skin120x600_Right%2CGeneric_Scroll_Ad_300*250%2CGeneric_Desktop_Catfish_1000*90%2CGeneric_Mobile_Catfish_300*50%2CGeneric_Desktop_Takeover_800x600%2CGeneric_Mobile_Takeover_320x480&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F12%2C%2F0%2F1%2F13%2C%2F0%2F1%2F14%2C%2F0%2F1%2F15%2C%2F0%2F1%2F16%2C%2F0%2F1%2F17%2C%2F0%2F1%2F18%2C%2F0%2F1%2F19%2C%2F0%2F1%2F20%2C%2F0%2F1%2F21%2C%2F0%2F1%2F13&prev_iu_szs=300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C1x1%2C300x250%2C120x600%2C120x600%2C300x250%2C1000x90%2C300x50%2C800x600%2C320x480%2C1x1&ifi=5&adks=2286582263%2C362869489%2C3831216867%2C3412186882%2C1433504539%2C691386199%2C600902416%2C3211692564%2C1947962715%2C3639773718%2C3832671924%2C1955150276%2C1157485875%2C1049104380%2C1028861467%2C797184540%2C2846478790%2C63383225%2C1849954384%2C2114608657%2C2368889164&sfv=1-0-40&sc=1&cdm=www.tothemaonline.com&abxe=1&dt=1684480096914&lmt=1684480096&dlt=1684480095259&idt=1606&adxs=-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-9%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-9%2C-12245933%2C-12245933&adys=-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-9%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-9%2C-12245933%2C-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=4rt9ujuuudqg%7Cyte2cjx14mlb%7C88xyyyq28cfv%7Cu70tf8ztwfc%7Cgwqbtm5bxx8q%7Cgp1agymt5g1b%7Cdb444mwe6buv%7Cdvs7ufll8wua%7C5ehctdg64in0%7C5kq3a794c8eg%7Cwglsyt9wap2y%7C8iob92mtoocr%7Cj8zqeuamxhbr%7Cc50p9wm3a49d%7Cd1opo3wecjp9%7Cjcsfo952i0nn%7Cc6jtzxpfh0sx%7Ccxjzkojkx240%7C9zstz3kohkx%7Cn7huxl82r4er%7C6iti3bqrigxu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tothemaonline.com%2F&ref=http%3A%2F%2Fcytoday.eu%2F&top=http%3A%2F%2Fcytoday.eu%2F&frm=24&vis=1&psz=0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x-1%7C0x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x0&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x0&fws=260%2C260%2C260%2C260%2C260%2C260%2C388%2C388%2C388%2C388%2C388%2C258%2C260%2C772%2C772%2C772%2C772%2C772%2C258%2C772%2C260&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ea=0&ga_vid=1546676210.1684480097&ga_sid=1684480097&ga_hid=1182705147&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d6077ae557cda7105d642c914743349557b3772a6beaca4886d9672b23abfe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48230
x-xss-protection: 0
google-lineitem-id: 6300873725,6287283507,6292873389,6297248130,6289278955,6280646144,6287283507,6297248130,6292873389,6289278955,6280646144,-2,6293691493,-2,-2,6300741791,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138433421032,138431138411,138432642154,138433286212,138431849335,138430015305,138431138744,138432553949,138431954907,138431849641,138430668433,-2,138432457870,-2,-2,138433414702,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tothemaonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 717A 6 KB
3 KB 57ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:08:17 GMT
expires: Sat, 18 May 2024 07:08:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 662B 0
258 B 122ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7ZKH09CT69&gtm=45je35h0&_p=1182705147&gcs=G100&cid=1546676210.1684480097&ul=en-us&sr=1600x1200&_s=1&sid=1684480096&sct=1&seg=0&dl=https%3A%2F%2Fwww.tothemaonline.com%2F&dr=http%3A%2F%2Fcytoday.eu%2F&dt=%CE%95%CE%B9%CE%B4%CE%AE%CF%83%CE%B5%CE%B9%CF%82%20%CE%9A%CF%8D%CF%80%CF%81%CE%BF%CF%82%20-%20To%20Thema%20Online&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7ZKH09CT69&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:08:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tothemaonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 662B 0
54 B 92ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-J7RS52TMNC&gtm=45je35h0&_p=1182705147&gcs=G100&cid=1546676210.1684480097&ul=en-us&sr=1600x1200&ngs=1&_s=1&sid=1684480097&sct=1&seg=0&dl=https%3A%2F%2Fwww.tothemaonline.com%2F&dr=http%3A%2F%2Fcytoday.eu%2F&dt=%CE%95%CE%B9%CE%B4%CE%AE%CF%83%CE%B5%CE%B9%CF%82%20%CE%9A%CF%8D%CF%80%CF%81%CE%BF%CF%82%20-%20To%20Thema%20Online&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J7RS52TMNC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:08:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tothemaonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 51A0 603 B
68 B 130ms
126ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1946006275855017&output=html&h=90&slotname=5694195407&adk=3963360467&adf=3160588074&pi=t.ma~as.5694195407&w=728&format=728x90&url=http%3A%2F%2Fcytoday.eu%2F&ea=0&wgl=1&dt=1684480096403&bpp=1&bdt=1144&idt=614&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&prev_fmts=0x0%2C300x100&nras=1&correlator=7459885805512&frm=24&ife=1&pv=1&ga_vid=1546676210.1684480097&ga_sid=1684480097&ga_hid=1182705147&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2773230960&scr_x=-12245933&scr_y=-12245933&eid=44792108%2C44759842%2C44759927%2C44759876%2C31074546%2C31074690%2C44788441%2C44792089&oid=2&pvsid=4158685256257974&tmod=213473809&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CenE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=3.s0epaex0wslw&fsb=1&dtd=619

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:08:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F102 603 B
68 B 130ms
127ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1946006275855017&output=html&h=250&slotname=5147400497&adk=1406498851&adf=4038599406&pi=t.ma~as.5147400497&w=300&format=300x250&url=http%3A%2F%2Fcytoday.eu%2F&ea=0&wgl=1&dt=1684480096404&bpp=1&bdt=1144&idt=641&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&prev_fmts=0x0%2C300x100%2C728x90&nras=1&correlator=7459885805512&frm=24&ife=1&pv=1&ga_vid=1546676210.1684480097&ga_sid=1684480097&ga_hid=1182705147&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2773230960&scr_x=-12245933&scr_y=-12245933&eid=44792108%2C44759842%2C44759927%2C44759876%2C31074546%2C31074690%2C44788441%2C44792089&oid=2&pvsid=4158685256257974&tmod=213473809&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=4.8ld2ztsa3h3r&fsb=1&dtd=647

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:08:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 web Show response
onesignal.com/api/v1/sync/deac3b01-432a-498f-b6a7-3a0b55325fe9/ Frame 662B 3 KB
2 KB 28ms
18ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/deac3b01-432a-498f-b6a7-3a0b55325fe9/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca1f5e2f4db8c3665c557bb57241926eb46c38d2d75209dc356c922a98a285e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 1711
cf-polished: origSize=3459
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5d017c58-333f-4db0-b711-282105aee780
x-runtime: 0.036735
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"a8f76875ce49c90e07090ab29140ce78"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7c9a81feceab03d0-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 19 May 2023 08:08:17 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 662B 35 B
55 B 12ms
12ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1182705147&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tothemaonline.com%2F&dr=http%3A%2F%2Fcytoday.eu%2F&ul=en-us&de=UTF-8&dt=%CE%95%CE%B9%CE%B4%CE%AE%CF%83%CE%B5%CE%B9%CF%82%20%CE%9A%CF%8D%CF%80%CF%81%CE%BF%CF%82%20-%20To%20Thema%20Online&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YAgAAQABAAAAAAAAIk~&cid=1546676210.1684480097&tid=UA-43789013-1&_gid=2090851318.1684480097&gtm=457e35h0&gcs=G100&jsscut=1&z=1384262376

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 09:33:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77694
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webPushIframe Show response
tothemaonline.os.tc/ Frame FFC8 522 B
714 B 63ms
18ms Document
text/html 2606:4700::6810:9017
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tothemaonline.os.tc/webPushIframe

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:9017 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce1ce3cc314fc86a8ba7ebfaf42b792d58f520bc49a7edb5822b4f806c91f727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7c9a81ff4dae1983-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 19 May 2023 07:08:17 GMT
expires: Fri, 19 May 2023 08:08:17 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Origin, Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: a76af55e-6819-4b97-b0e7-3e572ce15a0d
x-runtime: 0.011810
x-xss-protection: 1; mode=block

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ Frame FFC8 9 KB
3 KB 21ms
21ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: tothemaonline.os.tc
URL: https://tothemaonline.os.tc/webPushIframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tothemaonline.os.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2551
etag: W/"06f50014011c1fcd9e21b6b0481979de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7c9a81ff7cec366e-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 22 May 2023 07:08:17 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ Frame FFC8 284 KB
68 KB 27ms
26ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tothemaonline.os.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2551
etag: W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7c9a81ff9d2d366e-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 22 May 2023 07:08:17 GMT

GET
H3 200 web Show response
onesignal.com/api/v1/sync/deac3b01-432a-498f-b6a7-3a0b55325fe9/ Frame FFC8 3 KB
2 KB 16ms
16ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/deac3b01-432a-498f-b6a7-3a0b55325fe9/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f34a3ad42d6d8666f875af08ad86fd1c6072b0b5fb8ae1fc297d69214b6c01d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tothemaonline.os.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 607
cf-polished: origSize=3459
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2ff3bf06-b69a-4003-a108-c2956184dcf1
x-runtime: 0.023768
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"9c840cf877f873ff02767b2bc0f47486"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7c9a81ffed83366e-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 19 May 2023 08:08:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A4A8 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ7YxhEOzTquKLYqUYmsa2OfILmUIrU3ff2jQydsGMpGg542p3MO6sTq_Ob6tkYT8x0_9g1M98Z4q6mAs1tSslWI6AP5yyDuA1aR3_uYHEuWsQKhaH-Oz3XrqcRcRRKBxUEjSL83bbWbsXHkSrorZ24JbyqM3kQLLs2fblJyVjHq08u82oPpn0lLtam3pWLAXtHeSVLa12MyuNCh7Nw9qMky88DMapgKTXw4L7r7pbeAKD-bqqwfHIJE_JYtkp3g_sl6MLuJ7DfJIRyU4kBRTDZ-VL2HCZnMw3BIFvw7qOhBl91UM81mIkAKdbdLhknYwLVVEzTP3ALru8VflP_iOly0HPzKkb4tF3--uE&sai=AMfl-YR2yddbcJkZ5l6L5FjAb3JhEO-tiIW3eotKIhdwieThlABirxKxbpHEJo360v_JbHr_FGQTQLMYIPwsolPyQ7fzA6bZOlU1FNGd-A&sig=Cg0ArKJSzEbkverdhZqZEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: cytoday.eu
URL: http://cytoday.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ajs.php Show response
adsbydelema.com/www/delivery/ Frame A4A8 850 B
1 KB 85ms
36ms Script
text/javascript 136.243.19.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsbydelema.com/www/delivery/ajs.php?zoneid=237&cb=2876480840&charset=UTF-8&loc=https%3A//www.tothemaonline.com/&referer=https%3A//www.tothemaonline.com/
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.19.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dagr.com2go.org
Software: Apache /
Resource Hash: 388284f365d9b826b434f6fa199d16af2ad3496c61a21834fe4f9dbc5cab61a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:08:17 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A4A8 170 KB
53 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H2 200 container.html Show response
7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1385 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:08:17 GMT
expires: Sat, 18 May 2024 07:08:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C57 0
0 47ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5ZJno8W3UH4ipeN0wPcPH-gAyGP0W5x-SD5f3gJji4hoorIzzXiw6Jqg5FYUB0vkaQPRxByHEB38PfRN7LDNLRMmj6Ft0PxcpsTdHratO_hR2_tQz0Tg0M1rTPbB_1IsblVubm8AeqO4PuKbI68fCRaDXWiFPztyKEoF5-qLRy9hCUB3OlW90So4ca1Gb2WTEhCWopXU3t1waVmUxsyuuMMY7vhYT-s9yqgBnVFW45BJt3PQfkfu8YUj9ws_dhdAuCB4uByDnHJy41Y_9sPQcbBT_v2kE0KHGV6RO4XsgcJ-ba3vxhZ101e5w37FINCCbBHh2icGjkpW-2iGD34C5dm_rK1Oq9ho7io26&sai=AMfl-YTkxIoDJYHU7hxsbhzwXumG9o7jEIamIv_iTc78XaaU9zNgZ7F_auZIYn351Jo0LDrnzSi54I-ygU_YPg5UlfM8y9kBBfgmbVDcJA&sig=Cg0ArKJSzFiUgDydjsscEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: cytoday.eu
URL: http://cytoday.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ajs.php Show response
delivery.ced.cy/www/delivery/ Frame 1C57 1 KB
1 KB 81ms
36ms Script
text/javascript 2606:4700:3032::6815:a86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.ced.cy/www/delivery/ajs.php?zoneid=3775&cb=20652038450&charset=UTF-8&loc=https%3A//www.tothemaonline.com/&referer=https%3A//www.tothemaonline.com/
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:a86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: 41ee3d9346567ac5c126a1d9f1650495a3200242609dfe0a39362aaa97b7542d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33, PleskLin
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFNzSIv6OvjsNfCwvZXIMqunUXcCwyIJCtHvm%2BKsDHCd9XWBS1JaNkKepnsh8Kaw7CqrFHmlTAAsseWGO6nw%2B7lk2HvjFxH%2BdeJd%2FOIzqw5jNoyBwu0JPnMUKoextCxZhZOugOhHpbBqQj5Bno0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7c9a8200deaf92b7-FRA
expires: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C57 170 KB
53 KB 52ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A13E 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstE30w7XKOUMekmMErSsXW6O22eiAyoFJcGg0CuFJ0a0KGiNBXG4ETQtmNA2edYOVXpkG8_dAlDD7eYSl_tY2lLCMIE2AiR0T6W3qcz3-nY0h_-SAa9XaBXpkVYh89AmNgxk3rv6Hh4P1qZ4G0eUDVuCLTfPekdEZJC8YBjNvkW1C-SRCGPi72jUy_SEEGnFXsY0r8Mg6KamEpjDhy6toDmpA7cTjWnaC_e8CI9MWgkdXbxJyEgq3RPrpF1VvDWOEGKu-7UuW7Qo1S-yrltK0xa5vapLYvYAg8A4m4syCuUbSooP2nJb8eFDltHQJvKw6CJkEu_JoGqTzsJs4JgTXL_3LjX0CZHzMYkv1SP&sai=AMfl-YQOP4A1V4Q6N4aLlsd-ruM5B-0prWJXmNkq9CkefV8Tk3fudM6l-oKZ5-Ru-cD0t6J_sDUyci9_zLwPyKqBvKUKdQCBdFpHbGlyow&sig=Cg0ArKJSzN1YkF2NRedfEAE&uach_m=[UACH]&adurl=

Requested by

Host: cytoday.eu
URL: http://cytoday.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame A13E 22 KB
9 KB 44ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame A13E 3 KB
1 KB 47ms
12ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A13E 170 KB
53 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H2 200 5856019956300103373
tpc.googlesyndication.com/simgad/ Frame A13E 63 KB
63 KB 55ms
20ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5856019956300103373

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44ea57bfb7d9e276e06dc23ea0f9d1d11abd4688c12b7e1bf9503ebbfdeb919e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 13:56:32 GMT
x-content-type-options: nosniff
age: 61905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64114
x-xss-protection: 0
last-modified: Thu, 11 May 2023 13:41:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 May 2024 13:56:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F70D 0
0 52ms
51ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuv3mRndV8rfbUHih7OHZk08svyvw5l6SC5yeUHwLS80tx0VU5kKJjLTBNAHm1N2pw3Z9T5-fntPQOvc-RbZkx8WwEAB4aAjeUBzRTszqqn2ZdMAB6ZY7k0ZU7zAhsZA8hTOW1HAUkrk6VTZsi0ig8tStn9gOfWmt72RFWDPFK3xb0DrMWS1Y6uyJKDdW2qfZVq3TNipmlse1hdyoT4cLZxpfnODi_JTfn4uK-ibR0gUPqV5JiJL5sPh8swSLSrSP7KlmuP3F3J0gZypk2nxyl8IQNKjvx-530zL5mbT9aApW76WmX9CowLPiaE75Qgfs166G4Sta0z1o_YY7iV1T6EpZZZOb9ZhD4kNNNF&sai=AMfl-YQytlHjEafsy9J7VHTOktxfJRXDmmrCZNH4U3Zfi8byIC01blrkQhi-m5-71xkchTYUKIPTDEYypy0lxjlzqXeSqX_4WtMt7ibl3A&sig=Cg0ArKJSzAlYdAiLSZ_SEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: cytoday.eu
URL: http://cytoday.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 I.ashx Show response
gml-grp.com/ Frame FEE8 1 KB
1 KB 99ms
41ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gml-grp.com/I.ashx?btag=a_162b_1283c_&affid=162&siteid=162&adid=1283&c=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f4e5b25985c26f00e28ad7aa98c44e32b22bfeec3c95f8452ecf62e207658106

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7c9a82010c603638-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 19 May 2023 07:08:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u00jU%2BNDPaBZVgO00AWIUYfraArIDbFXsb6av6zT2fok7uTfEdbFW2qXxhY%2Fh0ekQEHPsk9DVm9fTQCqDg7UfZdHCob8VBaVU60RybgUHJXJjIfz5EW0cf65TPavPWxzFmvOW9j2rnJM0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F70D 170 KB
53 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8017 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssj1irNVVDNmAfgZ0vimo6IGNfU2gptDouXnOYmwkq-W7X7W_nLRziXwCRzgRyJjUMSsFIobQdWa36iXE0GPDIHgEzciLGtwBLA0yCo9kAjJhFxSmu_P_DLYKnwsGCBBPbjW8CYi1FA4kXaTHytrcP4SnEXI7ceOsbQXnwSy10O4zXZ6-yiVolC6cGYPj-ZAZAhcPSybOoYM5YAi_u9eNRt90bHOLQ2dlOz7bqLclp0ufbSAmYc_wG7E-bj42AC8NmZMkuZADhJgzMa7bzpCNUL-T1QAogzP7ws-mqzqvZRezRFWU6J_ICamJfY2Zjv1egUFo25AyHH5VEdlcp-7H8ZPbeXiVDb9vO8lz4w&sai=AMfl-YQBIIeONX5IDMTtXvhpos1zI9Uz9MKvqeKt4ej6h0J6OAN-VqcwBtBdpnCdjg7xRnWfOJN5rg6N9O7pyvjnnu2lnM_IDlv7D_Esig&sig=Cg0ArKJSzK4dk1J9Fjb0EAE&uach_m=[UACH]&adurl=

Requested by

Host: cytoday.eu
URL: http://cytoday.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame 8017 22 KB
9 KB 20ms
10ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 8017 3 KB
1 KB 23ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8017 0
0 60ms
15ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1wLorrIgX9r-LxV_Jx0F5FwxFAxtW15ojy6fQmTkK8BcuWtpM694OhEwGvim-teY9edNQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8017 170 KB
53 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H2 200 8365638837485364097
tpc.googlesyndication.com/simgad/ Frame 8017 40 KB
40 KB 24ms
15ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8365638837485364097

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36f27566d5904347cd9c75d6f4eac94cf9bf5078f59e3f940aca2fbc8d66ae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:49:20 GMT
x-content-type-options: nosniff
age: 476337
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40800
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 11:44:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 18:49:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AEC9 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIOVTq3l-Dmcuoxj1tkMXFpet0BQQLw-xyXOJgBKzP5z19uGz1N0dpzHXJ0DhW2wzIVNp-vNwhplPVj65JaFeAc_1DDKtvhmA_Ct16ztaPctCRhEMt0-EKPhNtWmnOHx3xQcV-eEpgiR2GX78XTm1UKh_kxBsE9xJ4VG6ybOW5rJYDhA_rec9aapspU6vqJtftztcmLdRWZPK-ftX_1Q-k39MzWgfsw170-gfJK6GQiamzFt1bVD_sBbps2PrfF0yf4e5FKwv85p4yWXFZgWTE5bApsZ9kklt2u4V8XQLQtlGrNS8BdHsctBrmwpZ9na1A-trS5l7bt3DKJ6Wwtu9eM99KpaTEvA&sai=AMfl-YQC_-CvL2-emwSp7F9kFqTiX6KZEvxEvKWJartWrjD76ivK9Aap2ceUqh89rVbpMZedtRArY6XR8nCaOv4YrDCmkTNKoMJtusvbTg&sig=Cg0ArKJSzG2Y0UYorEAkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: cytoday.eu
URL: http://cytoday.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 app.js Show response
servedbyadbutler.com/ Frame AEC9 67 KB
13 KB 98ms
17ms Script
application/javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/app.js
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 7d9b7ee9ae860b2f27e08578dacc166269ab838417994fb62c568ff40245b5a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2023 20:55:24 GMT
server: nginx
etag: W/"6414d3bc-10c8e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
expires: Fri, 19 May 2023 07:38:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AEC9 170 KB
53 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A96B 0
0 63ms
52ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsRbxxLksg-hxJeThdTL_AOVZ-tHJLOde4lMddOHtAf7oVrgz-SrX8FyVDpHuPYGgPtK9NYIwh1vBVmmMa4FbyFmp3GGSqzWMNXXBjLcj8zNvXlAznnZrXSBSXVdtUcCPbkmmP5I6pR7X6ZVTaLJTmeN05_9-LpbBvnuKMBxupOZlywO8w51uprjdbAix3Cl7PzQTlAAuGj7V_eZdlEWIOxrmoCYU5PNGY7Z4G-CB8Jex_4_cHn6N3b30WBsKsulK867Q61XNaSnAk5pAzmahjuADVpWT6OV7XxGXjinHro_fFWvnalReBoE6kSuXBfB_Diw9lbFY3KUi-mIQKC733WL81lyCF8A&sai=AMfl-YS4GRf8Z12LQcNVQE9ANoJR-ujqbM7Q2YsnGKSZRvzK2FGUL-zFOpt59-9Bxwkv-yhqwyCXbMTrfHLLpa8QoW5tbH1gpnHtJokN4g&sig=Cg0ArKJSzJaBdeviF9FqEAE&uach_m=[UACH]&adurl=

Requested by

Host: cytoday.eu
URL: http://cytoday.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame A96B 22 KB
9 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame A96B 3 KB
1 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A96B 0
0 32ms
15ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRvIr_69voecIlUaGU03rd5tMAybdcEb--tviJH5_lhn9dbnOfzY_MJvHopHVmLRYYNbOR
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A96B 170 KB
53 KB 38ms
27ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H2 200 9454678420153059455
tpc.googlesyndication.com/simgad/ Frame A96B 53 KB
53 KB 25ms
10ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9454678420153059455

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a433f800bbb43a0c6bbc2407ab71955b61e2fd2cedfb8a86e45e4986a693e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 13:56:32 GMT
x-content-type-options: nosniff
age: 61905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53869
x-xss-protection: 0
last-modified: Thu, 11 May 2023 13:40:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 May 2024 13:56:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AF32 0
0 51ms
47ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6tBybKKQ88hAS3IIFaJAvasd2Tp-T5pEerk5Rsj1vrQ8nTtsUp5UJi1kuJU7JJw6RwtmZOSbRtl5QfzKssq4x8Yh9egIS32v1tmQu79A_uAw8OnnddlQT58BdP41kyAz4tbQyGvKScAHVvOqESMrehAOJ32Q49jdsttqDeiJWKMVk78CYWTbWSb1LM76rUqnDop_35Aqy6fAZ6MTdTsYidAOKO3Xm4lAKhqj1SPdyu_wwukPZFvZuFovzMkQcHibn6veN7R9mBHFM5aL2AxjXXUKgQBRRiIYcX1L_CrdESia7glosZc45W1zSNVUAAlDZkUaRxWaSHV5PQT_aO28GjlJaQ5eb0w&sai=AMfl-YSK9DprUQ7howaWwDwD9oCrLjOD3P2AxFDf9R0LenlLUZKwzNEI_BZ7Ly97W81HhonSd67_6WfESJoy1aYlDqI5LduXtkchdF3clQ&sig=Cg0ArKJSzDJXCysO5EC3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: cytoday.eu
URL: http://cytoday.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ajs.php Show response
delivery.ced.cy/www/delivery/ Frame AF32 1 KB
859 B 40ms
36ms Script
text/javascript 2606:4700:3032::6815:a86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.ced.cy/www/delivery/ajs.php?zoneid=3776&cb=93481435541&charset=UTF-8&loc=https%3A//www.tothemaonline.com/&referer=https%3A//www.tothemaonline.com/
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:a86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: ca0f45da4c50a923b50db8c85b642f68157fd8f486454b7b89f289962615f035

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33, PleskLin
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0LeySz2rGinVeRFHaUubWGJAMvJlBoG8TsuMl5lUKPMxqu6TQjbyojkk8Lx1ZSadiyH8f%2Fzmite9RoXr0zw%2BGFlKe3gQDv5Ns9mwAAlGeqhRaFTVokK47PH88h8xVjU9C8%2FG0tgZou8%2FcraDRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7c9a82010efd92b7-FRA
expires: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF32 170 KB
53 KB 36ms
33ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C47C 0
0 48ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSPELmf9w6a1O25DKjAWF_RnhaLvGcA1fqBAP72nDmZOH72XjMRzqA9PQa9vMJ0bz-6RKpXx3ceQ4F4yi_1FoTdravZn8YEKnEPLTX0IfhA43QF6UfbrWfYMSgtVgUDGN7jlK4mOQk-HS5FDnyC-yBZtrvErUz1mRBfTHi1RfV9eAq4OhMoxYtDIvBHhk_ygFNJEzlSpQPq_M--0g6-pDdLA0KDmbKt3y8pmszhaqC0NvaU5lKB1U1KRhGtlue-thqkiLoHxGFvSWZ-XMh1ox1RZzbg_mCl67bubAbfoGGB9ShgobMtokfAs7phMSQOZ4fjiQ1fd7IO2eXIJ1E62JBCLdA2kYKwA&sai=AMfl-YROqoSnmF6VaqLxPyIHFvWPUoeep4-SHI-3ox_SGpP_Ifkc9pDkn9XGpz742N4HwXBES4KXn1jbeRWLy9q2o9-j8hx54PSN0bvWng&sig=Cg0ArKJSzEo86QRDhKsoEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: cytoday.eu
URL: http://cytoday.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 I.ashx Show response
gml-grp.com/ Frame 6457 1 KB
800 B 49ms
49ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gml-grp.com/I.ashx?btag=a_162b_1288c_&affid=162&siteid=162&adid=1288&c=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

894755a38e27cbfadeb33bc21a101e0d906350b54aa23abb187b1b5e22ea0ef6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7c9a82012c7e3638-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 19 May 2023 07:08:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oh2KQqk7q0DI4z1SQkewdmeY7fXb2AnuwU4HtdVS%2FuKr5H76PYqquPMTdSDzD5lE%2FCYnhHcmwsr9CFBkumiyxmInit1Tb3mzOSvy292jZlfgsuEqy4jmCfNNzFa%2FabAoMAe8qFBiD2MoUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C47C 170 KB
53 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F3D 0
0 49ms
49ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuK5BysWDy3pQqDS6J_4LrpjO6fAG9274IRBzh68XI80Qbf_ZPitaS28TAIqNDzOPfleFhddFI15NG2i1pOb2h4gR4SN5uV_bS3QYv7-ohOFK_6vk7XchIY2EtGGtZVB2MfiaC7BGV_7tHuPQPutXZJ3QqPGSZjK3NTETPGfCsCfZp-RN0BaaFOLwhH6ysguxr5fkzMaMOloerZ12_qIHe0iZ5LnEr063pfqyUCJi9S3qzYKMBUM5Y5uFg79NL_0wyRY69fqwg_10omt_QLbzpzGSYTPaCTl1i4_URI6FPOw_3iOBK0aBAGDPY3Fu-uiKENnb2KzLQpaKJnhRMk5b1iC94dBXHbZA&sai=AMfl-YRQtrni5c1MOrkrAvXM_16nTjBSSnGfXnvherFeWXCFyD53ENUyogL8CMCM-w4KveU9x8DB3sPWtmI3xQAlFDddInQenXs6fQs9sw&sig=Cg0ArKJSzEC1etYI0yhhEAE&uach_m=[UACH]&adurl=

Requested by

Host: cytoday.eu
URL: http://cytoday.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame 6F3D 22 KB
9 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 6F3D 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6F3D 0
0 21ms
20ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwf_fvcGYxsqHYWjiKCbgA1bQC9MpCX3OPH78DjCuqX4gc2ytjjcTwTIlHYqCZv5jcJr5w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F3D 170 KB
53 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H3 200 17354411444664995895
tpc.googlesyndication.com/simgad/ Frame 6F3D 45 KB
45 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17354411444664995895

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6218fe43fa2938fe13988554b7f4137028cc0ea1a8bc777e82b32b265f675755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:40:05 GMT
x-content-type-options: nosniff
age: 480492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45856
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 11:45:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 17:40:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5E15 0
0 50ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCxbpmSbJvS3L6SWE2JPSq39FLr62MoMOOHle45em1aIDF_4UsD4fGn198S-QDlOjXHo__ytqN-lerUN_300XAKzeq51-E1tbr64IPYgiR2iJM65QGTsMezTtfmLT_avc8VKlFd_qgzSwQa1UFNcMPe5kLRPiOADD9ZNbzjEYrX0j7BxW_n_kGN9OqUvbJiCAJKkcQx9o0ejDPUpHIE6xfzuJFH91hbQy-LuP1tu45Z4iNYhCFrmZripqtGe-nfUFyHDEF0PLsRWq-SfuuMeZQmv3RGZHt9FV83-5D02YaNKNTE5aH65WQaxK5yc8tGG2vxI-p-GvxFZRdW-jIQVvXs6VFn6qhCLO53sL1aEwC4Rk&sai=AMfl-YTwpF4tLpPV24D-Nb8d6YaGL3mwNJrV-S3RmA1_yi-1l3BMEynan5CYv0497F7aAwJPa1ip54HeDiWxcCpj2mYRWDgZqlro_ngmDg&sig=Cg0ArKJSzAp3qVJ8lWHjEAE&uach_m=[UACH]&adurl=

Requested by

Host: cytoday.eu
URL: http://cytoday.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame 5E15 22 KB
9 KB 15ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 5E15 3 KB
1 KB 26ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:44:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:44:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5E15 0
0 24ms
17ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQSWHD7f5vZHEq_k-7dxC95L7qPe10Jga22YBxNuDV5akOVpn8xVcBpscPqsc0o1qVyX00K
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E15 170 KB
53 KB 29ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H3 200 12129539269925748908
tpc.googlesyndication.com/simgad/ Frame 5E15 63 KB
64 KB 26ms
19ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12129539269925748908

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b44bee48eed38b583979654094c4129d802777a8d118c4aeff8c656373173631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:40:40 GMT
x-content-type-options: nosniff
age: 275257
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65012
x-xss-protection: 0
last-modified: Thu, 04 May 2023 05:27:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 May 2024 02:40:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A73B 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulRm4Rx4VqjRwV2hD7C3n13m5tLem_OtEh3EoejZVTGmT5S9YY6AVas8Di0BiAUx_iAHfvQ-sJ8qEXd1OxTmMH4wyjOfBLGLUOn5y7fJk47oCHFOesuBuZ1IorhzYIDaxXnzNVAFk73tAo2GLDkrEPX0ohfi2HgoZ1iukym4EJYmvYBeRxNI79SV5g-zADIdudq2bNybUC7BYujCMp9CgpQubhBkvtCjUti_FqpBMF-McuuLzKlBdPHWMQA6iA5lf4jnHE6rYYDbKN2Gkh4NaGgut5otwhy1vI6FuUn8StvU8QKr8XMQdL5C4ON60GJsHm3rwl1Z8zStOhHJ5J6UsxhV-dFFei4aJp99vUnKUq3EU&sai=AMfl-YSXiujxbLmXBH6aldG67gtWxSz8nmmUyBWdnrfVsWGBO6XMWdUKmbagmhjaS9A3VrD6Ksb1lq0sZgcN4cGRWLqprrgdAEq2ZKBEFQ&sig=Cg0ArKJSzK_gf1CLbi7-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: cytoday.eu
URL: http://cytoday.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame A73B 2 KB
1 KB 87ms
13ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15627557&cmp=29914643&plc=367016469&sid=1854396&dvregion=0&unit=300x250
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 10:59:51 GMT
Server: Microsoft-IIS/10.0
ETag: "2d4a10aae224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A73B 170 KB
53 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H2 200 s.5.6.min.js Show response
wlstoiximan.eacdn.com/TrafficOpt/ Frame FEE8 7 KB
3 KB 323ms
11ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlstoiximan.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_162b_1283c_&affid=162&siteid=162&adid=1283&c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: br
last-modified: Wed, 30 Mar 2016 16:08:31 GMT
x-azure-ref-originshield: 0VSBnZAAAAAADbezeVNyLRbFKt03Q6/7ERlJBMjMxMDUwNDE4MDM1ADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
etag: "56fbf9ff-1a7b"
x-azure-ref: 0YSBnZAAAAAAqzLaAjqeWS6wg3LGA9mIaRlJBMjMxMDUwNDE5MDM3ADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
x-cache: TCP_HIT
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes

GET
H2 200 Ad_1283.js Show response
wlstoiximan.eacdn.com/wlstoiximan/img/js/ Frame FEE8 659 B
1020 B 322ms
10ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlstoiximan.eacdn.com/wlstoiximan/img/js/Ad_1283.js?t=2023051907
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_162b_1283c_&affid=162&siteid=162&adid=1283&c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3dfd28d9708a81e197bfbb4b06c712681906b48638bd0be8a4f927855a9743fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
last-modified: Tue, 11 Oct 2022 09:45:05 GMT
x-azure-ref-originshield: 0DSBnZAAAAAA593AGWHjyTauJvAYNDL5zRlJBMjMxMDUwNDE3MDUzADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
etag: "63453b21-293"
x-azure-ref: 0YSBnZAAAAADkoW/aAZKYQKv1l2ol80ozRlJBMjMxMDUwNDE5MDM3ADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
x-cache: TCP_HIT
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes
content-length: 659

GET
H2 200 s.5.6.min.js Show response
wlstoiximan.eacdn.com/TrafficOpt/ Frame 6457 7 KB
3 KB 320ms
11ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlstoiximan.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_162b_1288c_&affid=162&siteid=162&adid=1288&c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: br
last-modified: Wed, 30 Mar 2016 16:08:31 GMT
x-azure-ref-originshield: 0VSBnZAAAAAADbezeVNyLRbFKt03Q6/7ERlJBMjMxMDUwNDE4MDM1ADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
etag: "56fbf9ff-1a7b"
x-azure-ref: 0YSBnZAAAAAD4LRIdkVaVTa0eLVzlbjSdRlJBMjMxMDUwNDE5MDM3ADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
x-cache: TCP_HIT
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes

GET
H2 200 Ad_1288.js Show response
wlstoiximan.eacdn.com/wlstoiximan/img/js/ Frame 6457 659 B
949 B 336ms
27ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlstoiximan.eacdn.com/wlstoiximan/img/js/Ad_1288.js?t=2023051907
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_162b_1288c_&affid=162&siteid=162&adid=1288&c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c7c406fe6c38d320a271441c8b565acc62611bb2925f5cb80a6667987a4b9130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
last-modified: Tue, 22 Feb 2022 15:41:34 GMT
x-azure-ref-originshield: 0YSBnZAAAAAAdsNJ6BHTVTo9Ypct/dCvuRlJBMjMxMDUwNDE3MDQ1ADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
etag: "6215042e-293"
x-azure-ref: 0YSBnZAAAAABZTqRreoBAQ4dXxI6i/GmlRlJBMjMxMDUwNDE5MDM3ADU4YjJhYjU3LThkNzYtNDFjMS04Mzk2LTJmZjgwODZlNThkYw==
x-cache: TCP_REMOTE_HIT
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes
content-length: 659

GET
H/1.1 200
OK 1afc7701d652ec23d227837f4ed6d5c0.gif
adsbydelema.com/www/images/ Frame A4A8 72 KB
73 KB 11ms
11ms Image
image/gif 136.243.19.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsbydelema.com/www/images/1afc7701d652ec23d227837f4ed6d5c0.gif
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.19.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dagr.com2go.org
Software: Apache /
Resource Hash: 7ac9d104d543540e7371eccfbd2ebbd6aa8457b59c8c512f55d8d9154df3fd90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:17 GMT
Last-Modified: Fri, 12 May 2023 11:12:44 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 74221

GET
H/1.1 200
OK lg.php
adsbydelema.com/www/delivery/ Frame A4A8 43 B
500 B 54ms
33ms Image
image/gif 136.243.19.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsbydelema.com/www/delivery/lg.php?bannerid=6625&campaignid=599&zoneid=237&loc=https%3A%2F%2Fwww.tothemaonline.com%2F&referer=https%3A%2F%2Fwww.tothemaonline.com%2F&cb=1cb2063edd
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.19.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dagr.com2go.org
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:08:17 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F70D 0
0 70ms
53ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-83Q5UFJ-_UPStfpTQyq2cpP0AUXarhxw9OVVPdR9jqUvww1ryrosp3EXOmcF_xB9C6w1aJmBFnlB79qQ_CCEAp6ryzyxZvLt3UBDjF-Lw9ZRtG1gz036VTv63OhqNLKtV7YodX51YKVoLmW_-FV1Ey-s-H-aW-LO0qGKZRojSVyQv3CdfErtMxtHQfOBGcCAL8R7CRL4i3IG7bXR89EFF1M5gTxGicZ8XmAvAcQdpExiDyXXwrJ-Ku4nrIZzmV4DD7V3BvZdwURr2VlDxjMOmdiuSt0MxT6CBY9mP8cKE2lL9ziPOYuvaAQjY5HzAUVPTyz8C8sKM9JNaMrOLdXMq0mzNQJrUsoxVCONCcQ&sai=AMfl-YTfjd70E38XuKmTtUud1cKk3cG7e5NQTgUhoQYzuRmcxhGrKGWksL5i-an2_V3mRKP3-6DK-Ozg1xHCDJuRBYABMc4wkZsG3k3nPw&sig=Cg0ArKJSzMQM8Sg27CrUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H2 200 index.html Show response
delivery.ced.cy/www/images/a6780b9224a783e89f128287d9845d3b/ Frame 9850 4 KB
2 KB 31ms
30ms Document
text/html 2606:4700:3032::6815:a86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.ced.cy/www/images/a6780b9224a783e89f128287d9845d3b/index.html?clickTag=https%3A%2F%2Fdelivery.ced.cy%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D4724%26zoneid%3D3775%26sig%3D37540a9b8555e39f6b0359ecda3bfe6800847eeaaf4172979ce8dae74ca2fe7a%26oadest%3Dhttps%253A%252F%252Fwww.hellenicbank.com%252Fel%252Fpersonal%252Fpersonal%252Fconsumer
Requested by: Host: delivery.ced.cy
URL: https://delivery.ced.cy/www/delivery/ajs.php?zoneid=3775&cb=20652038450&charset=UTF-8&loc=https%3A//www.tothemaonline.com/&referer=https%3A//www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:a86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 043f8f5640d558a90672b7115bb0b6e39cc1442293a1281bd07c048b9d5356bd

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c9a820258b192b7-FRA
content-encoding: br
content-type: text/html
date: Fri, 19 May 2023 07:08:17 GMT
last-modified: Thu, 04 May 2023 14:24:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZ7Fs62W5T1A6QVPFhFPD8iIm3P%2BQrMLH%2FzJFa7OcMUpn42oVVvHAgh1jEaU0b2XnVmkwWnhnqaQQszE2ycAXyfPRGIgPcBn8Cg9pxY3UpMO2wd0Wp9r7OOuX1fl%2BKK%2F4MEPHLu5ejDydJpktTA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PleskLin

GET
H2 200 index.html Show response
delivery.ced.cy/www/images/11325a97188551ed795002a67d987b12/ Frame FDC6 4 KB
2 KB 25ms
25ms Document
text/html 2606:4700:3032::6815:a86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.ced.cy/www/images/11325a97188551ed795002a67d987b12/index.html?clickTag=https%3A%2F%2Fdelivery.ced.cy%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D4726%26zoneid%3D3776%26sig%3D0e8ef3be333ae73bd65aa09fff9e01390ed88997ef4c03a6d6970111f100a587%26oadest%3Dhttps%253A%252F%252Fwww.hellenicbank.com%252Fel%252Fpersonal%252Fpersonal%252Fconsumer
Requested by: Host: delivery.ced.cy
URL: https://delivery.ced.cy/www/delivery/ajs.php?zoneid=3776&cb=93481435541&charset=UTF-8&loc=https%3A//www.tothemaonline.com/&referer=https%3A//www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:a86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0b08e4d0d50ba92f9f6334d784c28b82b6394c7679c5d3d6fb71b79f32c9da8a

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c9a820258c092b7-FRA
content-encoding: br
content-type: text/html
date: Fri, 19 May 2023 07:08:17 GMT
last-modified: Mon, 08 May 2023 07:29:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFXPeFp1mZJaOJ59MS5awooJ6DF4IpwTURZdZ7tNjtU%2BbqCgMTqvlasaM3pRqpVduMjYwjj66VspJmu7uwIltX4GQ4Ujz17UE5rMOsU18mEYolvR2zeJABKDmAi64zD8AHZ0eaKBh69BoHLygLg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PleskLin

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C47C 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstm7wBRFG_fx6nASIJunsdheTWZaeSz4sAQzgRI6x2Igg-OV2yv7pABacEFDmpRP3-02agiGadb8_5I7ylyJD00E03SJr7xVfPo1Xc_csBaeYkTEGaD_WajbMf4i6HL6C2GWnlcPvS8TAdYHLkilPFTs094LrpnHivRMZPJQUv1Pu_uuku5tAo3g5DigjwkWbp481u3aO5OobW33eRWmnUxeXC66AbcmFx8KI4UMggHgKWSv_N8gN5xll5UzWqg--kgy6Aqw-rl1qUJewaNofiF1-kqvnvJa2bwFRJTV4QndBsr1hYW6x1ELw6kiNcq6NWwn9-5xuE9KKIJLxuz3p-UC4RB9h49VbaV&sai=AMfl-YS5AqTjZHk8YW5GiOTMfO-1zBF4T4BTGF17E5XhiyDGaIYGZfbnpRWpjCYUoAOyc50MUOaeP-om4oRZuj0HJUev52hiSNi2O8xTlA&sig=Cg0ArKJSzLV9GFY-W_O0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 07:08:17 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C6D9 0
15 B 15ms
14ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.tothemaonline.com
Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.tothemaonline.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:08:17 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1385 24 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com
URL: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 510488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 12 May 2024 09:20:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1385 170 KB
53 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com
URL: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9850 236 KB
63 KB 41ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: delivery.ced.cy
URL: https://delivery.ced.cy/www/images/a6780b9224a783e89f128287d9845d3b/index.html?clickTag=https%3A%2F%2Fdelivery.ced.cy%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D4724%26zoneid%3D3775%26sig%3D37540a9b8555e39f6b0359ecda3bfe6800847eeaaf4172979ce8dae74ca2fe7a%26oadest%3Dhttps%253A%252F%252Fwww.hellenicbank.com%252Fel%252Fpersonal%252Fpersonal%252Fconsumer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delivery.ced.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H3 200 index.js Show response
delivery.ced.cy/www/images/a6780b9224a783e89f128287d9845d3b/ Frame 9850 15 KB
4 KB 17ms
16ms Script
application/javascript 2606:4700:3032::6815:a86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.ced.cy/www/images/a6780b9224a783e89f128287d9845d3b/index.js
Requested by: Host: delivery.ced.cy
URL: https://delivery.ced.cy/www/images/a6780b9224a783e89f128287d9845d3b/index.html?clickTag=https%3A%2F%2Fdelivery.ced.cy%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D4724%26zoneid%3D3775%26sig%3D37540a9b8555e39f6b0359ecda3bfe6800847eeaaf4172979ce8dae74ca2fe7a%26oadest%3Dhttps%253A%252F%252Fwww.hellenicbank.com%252Fel%252Fpersonal%252Fpersonal%252Fconsumer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:a86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 84c0afef4c75786c7b5723789e1e3111612a8c88a53162f42e5d96b426b40754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delivery.ced.cy/www/images/a6780b9224a783e89f128287d9845d3b/index.html?clickTag=https%3A%2F%2Fdelivery.ced.cy%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D4724%26zoneid%3D3775%26sig%3D37540a9b8555e39f6b0359ecda3bfe6800847eeaaf4172979ce8dae74ca2fe7a%26oadest%3Dhttps%253A%252F%252Fwww.hellenicbank.com%252Fel%252Fpersonal%252Fpersonal%252Fconsumer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 May 2023 14:24:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1896
etag: W/"6453c029-3b65"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmTDQ6%2FkRwcA7CY2rIwHU739u1e0up169qJtaE2dOHBADgas4Gq2ziIziZzYUSuq8Z41arTcNyDty9aVZdZY%2F78JGOFwzsQVwNumo%2FfPWdPYHMl9lnt0Bu58TAvoVcOpQ0oo5J2sUVSd0GX6vqI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7c9a8202ee996925-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FDC6 236 KB
63 KB 51ms
25ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: delivery.ced.cy
URL: https://delivery.ced.cy/www/images/11325a97188551ed795002a67d987b12/index.html?clickTag=https%3A%2F%2Fdelivery.ced.cy%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D4726%26zoneid%3D3776%26sig%3D0e8ef3be333ae73bd65aa09fff9e01390ed88997ef4c03a6d6970111f100a587%26oadest%3Dhttps%253A%252F%252Fwww.hellenicbank.com%252Fel%252Fpersonal%252Fpersonal%252Fconsumer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delivery.ced.cy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H3 200 index.js Show response
delivery.ced.cy/www/images/11325a97188551ed795002a67d987b12/ Frame FDC6 16 KB
4 KB 16ms
15ms Script
application/javascript 2606:4700:3032::6815:a86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.ced.cy/www/images/11325a97188551ed795002a67d987b12/index.js
Requested by: Host: delivery.ced.cy
URL: https://delivery.ced.cy/www/images/11325a97188551ed795002a67d987b12/index.html?clickTag=https%3A%2F%2Fdelivery.ced.cy%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D4726%26zoneid%3D3776%26sig%3D0e8ef3be333ae73bd65aa09fff9e01390ed88997ef4c03a6d6970111f100a587%26oadest%3Dhttps%253A%252F%252Fwww.hellenicbank.com%252Fel%252Fpersonal%252Fpersonal%252Fconsumer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:a86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4dc3d432dde2f522090140ed462d4736f9cc19104c1f633b0a243622635609e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delivery.ced.cy/www/images/11325a97188551ed795002a67d987b12/index.html?clickTag=https%3A%2F%2Fdelivery.ced.cy%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D4726%26zoneid%3D3776%26sig%3D0e8ef3be333ae73bd65aa09fff9e01390ed88997ef4c03a6d6970111f100a587%26oadest%3Dhttps%253A%252F%252Fwww.hellenicbank.com%252Fel%252Fpersonal%252Fpersonal%252Fconsumer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 08 May 2023 07:29:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6763
etag: W/"6458a4db-4168"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8KkUJTpEmapZ6tLkN6kTPmaDSU4Khl5M%2BxC6fRr%2FxPkR4ln7Xg0eUY6%2F%2B3i1BmjkpOfnQ7leunXqYZs30gijLN68qD4WgOFH0W%2BSSSR2dxaj8AGOoL%2FtkDYJ6MUKgEsV45L9GQiHT2UlSC2gNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7c9a8202ee9a6925-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ;ID=167774;size=728x90;setID=201433;type=async;domid=placement_201433_0;place=0;pid=9962992;sw=1600;sh=1200;spr=1;rnd=9962992;referrer=http%3A%2F%2Fcytoday.eu;click=CLICK_MACRO_PLACEHOLDER Show response
servedbyadbutler.com/adserve/ Frame AEC9 707 B
781 B 27ms
27ms Script
application/javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedbyadbutler.com/adserve/;ID=167774;size=728x90;setID=201433;type=async;domid=placement_201433_0;place=0;pid=9962992;sw=1600;sh=1200;spr=1;rnd=9962992;referrer=http%3A%2F%2Fcytoday.eu;click=CLICK_MACRO_PLACEHOLDER

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.46.202.116.clients.your-server.de

Software

nginx /

Resource Hash

60cf4f39cb77869418f3ced2474cda79ba80829dd03d0c04367967e1d3d05518

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: application/javascript
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8017 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssheuyRSpbzeUy2Ulfl8YhrdV6nwNNWvz9pcHDsUWQ-9f_SI4KUzv5afJQ0PnCdqpJQ3HlwJDFg4xJ1HwJ8MSBFxrCXb62Qp_O7kTeRP1NFX3ACPNClr7bG4XpbtvCOtUVvFfNSXFgEljmWVopptt5eCKMlTjbNLaNDd0lIi6Jxnu7m2HPnWpBia9G9aSI2PLC0KQQZjAM8XuI294XE6_KRt8BSdWbF-_P0g7rDKyhu1DcgB3HrJJJUrYsE_oLA5GQ87wCoBvHBH9eMafjRR5PQz7CEtQq2nvza0rS2hdsLviZeaGxXzBmC2dSNwx06M_ZVL0OHV7kcB1AOgedBQ0DvBMzly20o7NSxS7mXICk&sai=AMfl-YT8yQpDsp_-JvIZ8rd40pjIyvK2RIzSKqAAZT4SmPR7QHLytvXPm1oXaMa37d9PHS_AE4iNX96Jg0f-p9HEMJ0tLWbY3KaUHCKEOg&sig=Cg0ArKJSzC1KL_3UaTc8EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A4A8 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste5WXfPPbLb1uHKfzL4d6ZLmBjOA9k7wfuSG_7tvPD-EgtV5XAXH1XMaYrSgZ93MgAiUdkZrupg73UNust9xUDjXURPiwT7gCfGHOaEVH8Y5VQdZyuzrngYazbfjlWakQU7PnjfZ6TbwMj0GpWWqBqZMRxqX3pnQEM3oH-nmT2m4khKEe5MOBVymtfigPlYpVKzy-u-GIIpg30V4Obd0FgkdnSg6kJpA1FQmSYsFdKEQT2PQA3Do7-2Y8G9v1pV_aWhgldLrOKCyEYuenbLHM_QmmQcGrecif_nZAXUWkFP4qmZgcWCYECFReU4UhT6S8IxVAa3bY_pIF8TcBB-43so9PWCOaJami23mWoDCI&sai=AMfl-YQBtws4l6DwLCojFk02zne3x47q_xLSBu9_yXpyePSDS81FV0uyTMawSCMYHYPR8Dv7QidwpUqFj1ooW98j0Xrr88cAWWwWow7ZIA&sig=Cg0ArKJSzGUwBVn8aaTvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A96B 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsJOKpu5Y4HU_hTH1hyyWsUrwvX3zScQXrEYS9tqxY5BCSoi0HM200DsXcfinDB0iyGy5M57VactEY8F7frt79605rD4IVm6rUZhBVXxfzXe_TtRE5MKLs7JLmP_eNGKXpb9DuExddrmSqwzkIULCxNrBX1yskGJXST9yD6Sod1GYveqiRGHcy2tV_hDGfHckbAuByFEe5oxeW9ehuh28sk3C9F4Og2kA3IsAPQiyfS-TgmHcwpqRF7BYEmGVzMq9-HIJnP8fvi0OdHnUpp7YaBXJVf5rhfFdKH5LyyRVaS2hHW50qB9-1SdBrqNIa_hzaIFxnvSo4NoRDc4_Y-yefHTI0qVg57okF&sai=AMfl-YS6GdmgAvPqPSDWqOykqFR2QeVq7DiF086GboWWtwosoRMKgOpB5GwEhA1lURe_0z_QWim-CRKEosAyGcjpeaxzS1ekDoQpCBL1LA&sig=Cg0ArKJSzEuw0dPZUSCiEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A13E 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgsfpUNTdtLRJ7ctEHWbmpKJXb2znhv2nT7WCUNuSCyOWaZFXaQPptnad0mOuhu3iJD33Hajzd6IYXPjNkVw4B1QoB8CeNPs1g_OzjkAOAvljUtdNBRZRAds8M9sFZ0TxrjAKyYfxqNGEdodaoStYEIVCsgMsquApccZhN0nD57LqxVPBZan9Pma6GSeWl03vMHxsrC4Zdn3wqbvHADu1JUDzTL_NCotlXTDlaaInqbneuaDm6rSd8xkedaabezbkSAqEmKrgn8eEJWXST2KQimrZ4foLWgAGSCT83pjPCwQGkXwMPht6xFrC79tMe1u_kFNONbKKqaDWAI4CmYu90FuaGLnbhOKNxmHwckCE&sai=AMfl-YSADxjTARxFCLil_cQ0W36WCyfTC1YlE_9d_ac5Gpbn7zEIj8BEiK5Zf-irWI2N-i9LmExpJuOhXq7ELsfpIescGyIg7i1bbQdL2Q&sig=Cg0ArKJSzIgoMTZnPQ_YEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C57 0
0 118ms
118ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvd486hokfnIlsjpc_Tu_rA497LmWv4vg3zWqBch7o-UQexjkWR5o0hRKo736Ngg1lDQfwf4YepznNycyVAwiKokD6TmoPxYMSgEpLUCf-uIL0y_7_hqUYBDPgT_L9on51gwnk5E3JN2NI3H4Ur7mtKfdvjZINDQ6NfAbILU7NgnV7syumprCrJAvdKZc_TAy625SLDm1mCAp3Qw0VgjeqSGtSzMQ0rQNuk_yk-QGABjngKyJCceMzCMOoGxJ5Uh34yb4FPwvGFIkUw_i9m4VXlJZgAWus47RDFjdLeUlyOStIFOIKmGE5XVFYw5Mj9ZilN9c7b4tx18gVJ5qUnAkee2-jC-P0Cplbxfnr-c1g&sai=AMfl-YTeEr-kHiBtOUKswevV2xVOJF93MnVWgyyylSZXSrNgTws6GPG277NZ3hy3ibDeFS00QtLJu7ezz60pIiRvWIuuq86BaJ5pQ37w7g&sig=Cg0ArKJSzDIaDvBLyp2cEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame A73B 57 KB
19 KB 14ms
14ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15627557&cmp=29914643&plc=367016469&sid=1854396&dvregion=0&unit=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:08:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Server: Microsoft-IIS/10.0
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18840

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F3D 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjfxTq_4zFKq0CEEesWCXt0JWTGYt9vPyyroyeGNlYkzng5LIwi87xqO-FjSF-exiqPDmX8z7UXD9sQx0_0eWeQmCe68tk4gFd-yMbYbHNERPFHrmorkmjgWhBHNSNgkc63nENWMCJdspcMvTNHMdns_G0v9mucp6XomfvD5N3065N4gXKocTMFMzZmgxL01OJ_fKXFiElRYouOedKrW4WcbRrbSbiozPYb7XYzZa1UbYZm93W13ld-5oYsCW8osdP7-soX-T_lEP2hpTmV_OtyOssE08LsCj6IZdpVAXr5DK55gC4hu2CHulLvDr2EkbrqhF206mc-HCQ3_HVQErVWxLeJGnXaCEq&sai=AMfl-YRTJtUaT1Oin0jTyWJlhFtOop7__cg1LrO7OWbFhZNTWuRg9hqYO-7RTDoRgxHv7241IVkZUgT00vr7MVaZ1dS-Wln0WwUULMBB4g&sig=Cg0ArKJSzK0zkjsI3HOZEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 07:08:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5E15 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJ3zunCMNF48NDUgq8WHSFHPY3puMcRoHFsAbXhGEwHJSH9r_MqTSGLMbYPh_dzCfntLXwztwTwkegsiE3bck01hPkD9YpEWUArit2jBHpZClJ0z5IY5GhHUj3EJxpXsPIfZZwpQtLHg2984LTWZaLDGqJgJPIkIfWv-3oFlMd3X2kxosAk6YUc-SjoCQm7v2KLcJiBOBLiAGo8GO8L_KRa92rqrurOw0ujH58ST1XrAYPITrHgloTfLu-iyiyDPvD9TXzBmUbsP8w1wSCkDSJxzC4zJ2PZG-RLn_FY7PJsL-HmxbYytdIAt6mie2t8sNWMNTQIijwVNPEdoM_mPq3qJmudEaMpXgigPzEVqqjlz546w&sai=AMfl-YTLhwqihYRJTeH7esta8KLWZaFB8YKzAjsJbvy5oV2Zuwfl_e_qky7OWIv8RzFXgyEMDE-gdqCNJay82MdiW3OXMmQG1zp4kqntOA&sig=Cg0ArKJSzPudz_-CWCuPEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 07:08:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AF32 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuitVSG059TAHQ58wDjmAomPMJNspFmAVDdrRVlPqPJJZYeNhYDaMOxWUohLckaQvWuMFqYEGuyuDop2cbAQZmqf2C7mpYosZJkxZqq186lvLf7EFwBm3t042bax_OZGuzAncP6pb7W8NdUBJJrgd6A6w2RZa_OvI5cv-NtNWMW_KJEJcY0IJk_AQtFx5O-B92dnPhIcAur_auPGoWuQDSHb6eM6q_5YOAN5lqnPfmBakuAK-9TXLNIwG7Q2-aIYaqXzeXHp7p1gMHvWqFM9TObwe2Kd-XAMIP_8cIeijvGqwcjvIH4vKLJ5ziIrNAjJsjF3LG58Np7lVoswgzPubwTgOL2we96tU69&sai=AMfl-YR8cL7zYdqMZJ-alSf6M2uIykxNrn7RUpFjx36Jp_iGl2eXhThUNPw-oDB8o3RoP3DQTx4tpZxKfNfiaxx8xZVauotal-dfDVw8hA&sig=Cg0ArKJSzOkr_Ix6JahNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 07:08:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1385 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsut9h9Wq2rw13oO2Lx7SG6AG82aERACCSf9mjcvc5lpoWvnLCQYGCNXFQOTXzcyxuObI7YUpscYSysJvYX8wvCZSslJL_4WOhMvzgbqr7-1BZfvSogLKaxnUktJ3CgrWnvHDXD-yZRdDJPlwKv4wTXUTTzmc2M7fpopuaUV3OA1Oc2uCYNHjE_6MV7rWpISg3U4gLzEGWBnQF_mhRNiOlYOp5TIK2aoZH6tjJm1GFlnsGuU80v7bEIwHnwEnVnNp1Vh4snQAG6ztZ7z5wPCM0ud7WQEWjA0-eedab_21nEqVzq8jR4njvLpNdFScw9tkTGGx8P_WYgWh-TntnA8BA9XNLtaAJ4g6-pr575a&sai=AMfl-YS3uX0Lv2DM-t-T_7Sv0fJS1AqpiyLJNSHit3TR-W4-dGzq81HTRhS0lqqixsqtEjxkmLEv7sxymuOVb8jk-j7DPIIym38MVgi2CQ&sig=Cg0ArKJSzDEZvJjZUbNSEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com
URL: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 app.js Show response
servedbyadbutler.com/ Frame 1385 67 KB
13 KB 15ms
15ms Script
application/javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/app.js
Requested by: Host: 7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com
URL: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 7d9b7ee9ae860b2f27e08578dacc166269ab838417994fb62c568ff40245b5a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2023 20:55:24 GMT
server: nginx
etag: W/"6414d3bc-10c8e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
expires: Fri, 19 May 2023 07:38:18 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame A73B 443 B
578 B 139ms
25ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_130291079235&jsTagObjCallback=__tagObject_callback_130291079235&num=6&ctx=15627557&cmp=29914643&plc=367016469&sid=1854396&advid=&adsrv=&unit=300x250&isdvvid=&uid=130291079235&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.70&dvpx_strhd=0.70&brid=3&brver=113&bridua=3&dup=null&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=14&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEATbpTauTau4JE%4052J%5D6FTauU2%3F4r92%3A%3Fl9EEATbpTauTau4JE%4052J%5D6FTar9EEADTbpTauTauHHH%5DE%40E96%3E2%40%3F%3D%3A%3F6%5D4%40%3ETar9EEADTbpTauTauHHH%5DE%40E96%3E2%40%3F%3D%3A%3F6%5D4%40%3EU42%3FFC%3D9EEADTbpTauTauHHH%5DE%40E96%3E2%40%3F%3D%3A%3F6%5D4%40%3ETau&dvp_exetime=9.70&callbackName=__verify_callback_130291079235
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: eab318acc227a771f553c3cb6b26cc33b8559c776d99d1e48f298c633b53fc4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:08:18 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 05/18/2023 07:08:18

GET
H2 200 ;libID=3804681
servedbyadbutler.com/getad.img/ Frame AEC9 89 KB
90 KB 11ms
11ms Image
image/jpeg 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=3804681
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 55922f1ce7500f39badcddf63c408a0afd332596973c424db417ca2cff2beb7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
last-modified: Fri, 07 Apr 2023 10:33:22 GMT
server: nginx
etag: "642ff172-165ee"
content-type: image/jpeg
access-control-allow-origin: https://www.tothemaonline.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="728x90px.jpg"
accept-ranges: bytes
content-length: 91630
expires: Sat, 18 May 2024 00:08:18 PDT

GET
H2 200 614dde080b28840562bdf39b Show response
c.bannerflow.net/a/ Frame FEE8 70 KB
24 KB 67ms
29ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/614dde080b28840562bdf39b?did=5d7106ae39d71e0001cd1b66&deeplink=on&responsive=on&redirecturl=http%3A%2F%2Fgml-grp.com%2FC.ashx%3Fbtag%3Da_162b_1283c_%26affid%3D162%26siteid%3D162%26adid%3D1283%26c%3D%26MediaID%3D2734%26IsAd%3D1%26IAref%3Dhttps%253A%252F%252Fwww.tothemaonline.com%252F%26asclurl%3D
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba1a0e0df408b04fbb403728881beac0b4920e090a9766d119e4d0cd291a3f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 19 May 2023 06:13:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 7c9a820588da9bc8-FRA
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H2 200 614dde080b28840562bdf39f Show response
c.bannerflow.net/a/ Frame 6457 71 KB
24 KB 52ms
32ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/614dde080b28840562bdf39f?did=5d7106ae39d71e0001cd1b66&deeplink=on&responsive=on&redirecturl=http%3A%2F%2Fgml-grp.com%2FC.ashx%3Fbtag%3Da_162b_1288c_%26affid%3D162%26siteid%3D162%26adid%3D1288%26c%3D%26MediaID%3D2739%26IsAd%3D1%26IAref%3Dhttps%253A%252F%252Fwww.tothemaonline.com%252F%26asclurl%3D
Requested by: Host: cytoday.eu
URL: http://cytoday.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1406f6297454b53a52b9c0bbe9cfe4f2c33140d8412bd09f476a1d30640db5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 19 May 2023 06:13:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 7c9a820588dd9bc8-FRA
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H3 200 index_atlas_1.png
delivery.ced.cy/www/images/a6780b9224a783e89f128287d9845d3b/images/ Frame 9850 73 KB
74 KB 17ms
16ms Image
image/png 2606:4700:3032::6815:a86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.ced.cy/www/images/a6780b9224a783e89f128287d9845d3b/images/index_atlas_1.png?1681887563950
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:a86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1440161293ce33c442515ed461c992565084664fac9e70ccce8882dbfe8e2b8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delivery.ced.cy/www/images/a6780b9224a783e89f128287d9845d3b/index.html?clickTag=https%3A%2F%2Fdelivery.ced.cy%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D4724%26zoneid%3D3775%26sig%3D37540a9b8555e39f6b0359ecda3bfe6800847eeaaf4172979ce8dae74ca2fe7a%26oadest%3Dhttps%253A%252F%252Fwww.hellenicbank.com%252Fel%252Fpersonal%252Fpersonal%252Fconsumer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3829
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74836
last-modified: Thu, 04 May 2023 14:24:41 GMT
server: cloudflare
etag: "6453c029-12454"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzP0dJMIAhTDL6PNeN35CiBSCN8tVY0KNkgeQARe3OrsMxwLNKJKD%2FBeKeYIaKzyxYsZRpQKWYSEBJgWY5S5PLhEqeD%2FQcGNZ7C07jrZHMUSRtA1%2BTR5gqYItkJb7TJvY%2BoYonB8qQxVwYa4B%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c9a8205796c6925-FRA

GET
H3 200 lg.php
delivery.ced.cy/www/delivery/ Frame 1C57 43 B
673 B 36ms
36ms Image
image/gif 2606:4700:3032::6815:a86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.ced.cy/www/delivery/lg.php?bannerid=4724&campaignid=1018&zoneid=3775&loc=https%3A%2F%2Fwww.tothemaonline.com%2F&referer=https%3A%2F%2Fwww.tothemaonline.com%2F&cb=8fbbe561ee
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:a86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:08:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33, PleskLin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqJOU4JxxN0CdgLMdVClxACGe0cSLsqaTXvAdDyRTGixxLyZl7Bq%2BTO1Ju6BqQoXHAwQeWgIbwZavl4ouE2LRaxJabEsi2aFbXNK9Ur7ghhlwh29U9VcHo5lvUGkljmz5UDTuFyuT0B7FJZYlQ0%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7c9a8205796f6925-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3 200 index_atlas_1.png
delivery.ced.cy/www/images/11325a97188551ed795002a67d987b12/images/ Frame FDC6 84 KB
85 KB 20ms
19ms Image
image/png 2606:4700:3032::6815:a86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.ced.cy/www/images/11325a97188551ed795002a67d987b12/images/index_atlas_1.png?1681895173675
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:a86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 40c8e9c5196b1f893074eb54a6e605b742972ef2fe8ffca25e853739e0c59226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delivery.ced.cy/www/images/11325a97188551ed795002a67d987b12/index.html?clickTag=https%3A%2F%2Fdelivery.ced.cy%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D4726%26zoneid%3D3776%26sig%3D0e8ef3be333ae73bd65aa09fff9e01390ed88997ef4c03a6d6970111f100a587%26oadest%3Dhttps%253A%252F%252Fwww.hellenicbank.com%252Fel%252Fpersonal%252Fpersonal%252Fconsumer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 676
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86352
last-modified: Mon, 08 May 2023 07:29:31 GMT
server: cloudflare
etag: "6458a4db-15150"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCblftfcxZQ%2FdjeZCYFs6kAoz2D9BAWZsWv4SVME6pub0kEO9ahn8ZMvboFRNeGYfzXfaToyZwDzfYc3bPL3VwYQf8cn30VilwBztwNpxA%2BfOJ44YaKqocUerMwwDygUQRKC8cWd5RtWqcAZ9X4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c9a820579716925-FRA

GET
H3 200 lg.php
delivery.ced.cy/www/delivery/ Frame AF32 43 B
674 B 41ms
40ms Image
image/gif 2606:4700:3032::6815:a86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.ced.cy/www/delivery/lg.php?bannerid=4726&campaignid=1018&zoneid=3776&loc=https%3A%2F%2Fwww.tothemaonline.com%2F&referer=https%3A%2F%2Fwww.tothemaonline.com%2F&cb=7edcae18f3
Requested by: Host: www.tothemaonline.com
URL: https://www.tothemaonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:a86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33, PleskLin
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:08:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33, PleskLin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzNhw2oalirsMVHrcz1sr8OkUjZLd0AdQFvmBH%2Fbhnaomct32c3eVOZhmR3cU%2FyWa9gK0oO2HbeV%2Fa5X1B7eB7hnMm%2BbdX0DOqQ4aOXvJdlbQj3lOBTgeeFBtrhIjLhu7B1haZlTPcRKcTU3jyc%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7c9a820579726925-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 ;ID=167774;size=300x250;setID=201432;type=async;domid=placement_201432_0;place=0;pid=9853926;sw=1600;sh=1200;spr=1;rnd=9853926;referrer=http%3A%2F%2Fcytoday.eu;click=CLICK_MACRO_PLACEHOLDER Show response
servedbyadbutler.com/adserve/ Frame 1385 709 B
782 B 17ms
15ms Script
application/javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedbyadbutler.com/adserve/;ID=167774;size=300x250;setID=201432;type=async;domid=placement_201432_0;place=0;pid=9853926;sw=1600;sh=1200;spr=1;rnd=9853926;referrer=http%3A%2F%2Fcytoday.eu;click=CLICK_MACRO_PLACEHOLDER

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.46.202.116.clients.your-server.de

Software

nginx /

Resource Hash

fd4011fad5768e3e0acc913d90766c9cc5654c1a2952fb601195d29b1423b316

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
content-type: application/javascript
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AEC9 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzKvnf5bfA6vqAvvnjLNcCUsRwdR_X8845SQLzAactZHVCW97ARPWc25wCpqyhmg8cCLXGW7TcCiYaodplBZuQDWxf_1jYrNSqVCmgtuCwz2OYt-qxJRpe8QYyp6jsN-JHYAFBj_Yf3MB5E8KDJFpl2fdy4PSpTv-ts9Mn7rBYdyNvZrLs78IAn8H2Vc85dHic0-lWGGKoyv3tP7TbtVRLSM55ZMYbi0Ip1hDD-X3Kdyaw9SmubV7-YXGlZ2kH6DgZRzFaNKqCV-iB34xG_ALeVOGIBaj4CZiEb6NVJW4l8rnBqSahXx8oAc07ZF4IHStcyckayErInqNa456eT77ke1pqYwMfj3vo&sai=AMfl-YSicNVxLhaDRNXYevFaZgjLYVxmPfI1F-Eipe7QhtAlf_4E7gjqumYFGW_DRw1ygadLxr4BqkqKpO1fBZcZpfBhse3gVyI5cgZV7A&sig=Cg0ArKJSzE0aw4NgdnPaEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 07:08:18 GMT

GET
H2 200 ;libID=3804677
servedbyadbutler.com/getad.img/ Frame 1385 45 KB
45 KB 13ms
12ms Image
image/jpeg 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=3804677
Requested by: Host: 7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com
URL: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Weng, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 99012590044da8494dd3b3f1d629a9c144ba85b33126137be520d7b6b0a030ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
last-modified: Fri, 07 Apr 2023 10:30:19 GMT
server: nginx
etag: "642ff0bb-b3e6"
content-type: image/jpeg
access-control-allow-origin: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="300x250px.jpg"
accept-ranges: bytes
content-length: 46054
expires: Sat, 18 May 2024 00:08:18 PDT

GET
H2 200 webPushIframe Show response
tothemaonline.onesignal.com/ Frame 9FB9 493 B
440 B 38ms
17ms Document
text/html 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tothemaonline.onesignal.com/webPushIframe

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

447b38898396de8e8628a7f0744d08d490fd424073cb425043c3bbc74bf76a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2687
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7c9a8205cec603d0-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 19 May 2023 07:08:18 GMT
expires: Fri, 19 May 2023 08:08:18 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 064b5e4b-f90d-4045-9ebf-7123690cf5c2
x-runtime: 0.011336
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1385 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNaz6hxsYvYWsQLikrGMXq_qSFnPJYc95fqm4mFVZmWcUJLwuIr3Oq3poF-RNVK6RQGkD7CqAYKnc4dy6pnBL9b_kbo4s-AShK5BKuW54rhhvE9e9OoXkXRxdzA8DgNlI2_nz13nSDk-LoO8j5N4KBmy3IEuFcgSRsLYbCB_ixJFzsmQdUQQUeB-3pQzWlWFiId_U8NQXsn9UDRq23h3N14ihu4MF-7_fdbhaq4BQaCQPNLYMOGtA1a0gFJpDAoRYAPuKfqzTRqfiC4Idl8y12qstbC2TMjaTLW0RNbrbWFH_OgRFsQj4zjoRU8C9JCpPC2GnznZQ4o0p2f57WlVrPimFetVAB7VxlvIe8wTA&sai=AMfl-YSsHMxVgv2Cen-0Xg_-2LKXJAJV5PNqroPKAJVm6dLiRhHi1O4stFOe-j5NOLeLDD0Q4J4Y1X_HMOhJ_DKwrTkAIrzddILuQ8PyDw&sig=Cg0ArKJSzP7AqmmJMfEzEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 07:08:18 GMT

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/published/3955892/5084485/ Frame FEE8 7 KB
7 KB 12ms
12ms Image
image/jpeg 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/published/3955892/5084485/preload.jpg
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_162b_1283c_&affid=162&siteid=162&adid=1283&c=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 204c986c99f90e619656d950ac23720e1e332550db48ab9df1876adfc334d1c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:18 GMT
cf-cache-status: HIT
age: 468959
content-length: 7163
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Mon, 13 Mar 2023 08:05:31 GMT
server: cloudflare
etag: "0x8DB2399B719ECAC"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: a8ac1176-101e-007e-33dc-857d61000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 7c9a8205e97f9bc8-FRA

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/published/2944555/6126359/ Frame 6457 10 KB
10 KB 13ms
13ms Image
image/jpeg 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/published/2944555/6126359/preload.jpg
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_162b_1288c_&affid=162&siteid=162&adid=1288&c=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a3f28a2cdb9332898e204fdab067a7ae3097a79c396c7d1add14b67afcbf9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:18 GMT
cf-cache-status: HIT
age: 243003
content-length: 10198
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Tue, 16 May 2023 11:36:58 GMT
server: cloudflare
etag: "0x8DB5601DBC1FE9B"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 92cfd5be-801e-000e-64ea-87c496000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 7c9a8205f98f9bc8-FRA

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ Frame 9FB9 9 KB
3 KB 18ms
17ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: tothemaonline.onesignal.com
URL: https://tothemaonline.onesignal.com/webPushIframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tothemaonline.onesignal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2552
etag: W/"06f50014011c1fcd9e21b6b0481979de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7c9a8205fcce366e-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 22 May 2023 07:08:18 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame A73B 0
234 B 33ms
15ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=4c9f1f863aab428a96cdcd0f188cf9cd&vfdur=140&cbust=1684480098248426
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 19 May 2023 07:08:18 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 05/18/2023 07:08:18

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A73B 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuopkPvzv6R1fcEhQKIBCC8U1SwMshM3Auvit8nlhcYrSRDtmA06225-uuzmnUgKLhUXU6QG4X57z2IyUt_QV8bwonFzFOGypN1AdEN_gqtS-9xVN4mJAST9JjTwDiBF8b6Ulv-GfPyFSrzD-qDBZ9744zAzdGTlDe8jQAm8SLuQAwlT69m2WFFS8zsqWIy8tP3OEmaAg8j8zJ4t54drgM6iKVog1KhxEQI7IKC7oVG5kRPGnoHxKh9iD3TgviOwSYExvlPv-kIA9KbKB-cx87cq7BcBXjKt4nLKfd-vuIkCmJ9kiDVhzUezG2QCPh1DzXF96IZ1f5ews4ShGoF5HTjWTx7hMO406vgMkMoZJOsTJcBcg&sai=AMfl-YQ5RTFCnUQp52sq5359DH9ZN6t7YjjURHY-ybL-9QvG8dPpYHY9XJJhyFZ9q81dXnAyqdX5ZmE53BXRzTLicZxDybFMu6zHSjELNA&sig=Cg0ArKJSzP38nHdQgyUHEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 07:08:18 GMT

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame FEE8 0
81 B 27ms
26ms Ping
text/plain 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/614dde080b28840562bdf39b?did=5d7106ae39d71e0001cd1b66&deeplink=on&responsive=on&redirecturl=http%3A%2F%2Fgml-grp.com%2FC.ashx%3Fbtag%3Da_162b_1283c_%26affid%3D162%26siteid%3D162%26adid%3D1283%26c%3D%26MediaID%3D2734%26IsAd%3D1%26IAref%3Dhttps%253A%252F%252Fwww.tothemaonline.com%252F%26asclurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gml-grp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7c9a82064a019bc8-FRA
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 6457 0
33 B 38ms
38ms Ping
text/plain 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/614dde080b28840562bdf39f?did=5d7106ae39d71e0001cd1b66&deeplink=on&responsive=on&redirecturl=http%3A%2F%2Fgml-grp.com%2FC.ashx%3Fbtag%3Da_162b_1288c_%26affid%3D162%26siteid%3D162%26adid%3D1288%26c%3D%26MediaID%3D2739%26IsAd%3D1%26IAref%3Dhttps%253A%252F%252Fwww.tothemaonline.com%252F%26asclurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gml-grp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7c9a82065a119bc8-FRA
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ Frame 9FB9 284 KB
68 KB 30ms
30ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tothemaonline.onesignal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2552
etag: W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7c9a82065d6c366e-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 22 May 2023 07:08:18 GMT

GET
H3 200 web Show response
onesignal.com/api/v1/sync/deac3b01-432a-498f-b6a7-3a0b55325fe9/ Frame 9FB9 3 KB
2 KB 17ms
17ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/deac3b01-432a-498f-b6a7-3a0b55325fe9/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f34a3ad42d6d8666f875af08ad86fd1c6072b0b5fb8ae1fc297d69214b6c01d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tothemaonline.onesignal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 608
cf-polished: origSize=3459
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2ff3bf06-b69a-4003-a108-c2956184dcf1
x-runtime: 0.023768
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"9c840cf877f873ff02767b2bc0f47486"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7c9a8206add0366e-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 19 May 2023 08:08:18 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 662B 14 KB
11 KB 60ms
59ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230515&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae9ae9fe2a341d86f61075608bf31952985877340c644422da455d820e36abf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11093
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 662B 17 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 May 2023 07:08:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 23DC 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 46974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 18:05:24 GMT
expires: Fri, 17 May 2024 18:05:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B1C0 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

52f7b0b4410320d302822641a5f2532ed35374bca322b0a077373635a6dfe04d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fB6usEVF8pS06gSCm_VYEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tothemaonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-fB6usEVF8pS06gSCm_VYEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:08:18 GMT
expires: Fri, 19 May 2023 07:08:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame 23DC 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 11:07:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 May 2024 11:07:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B1C0 0
0 41ms
40ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230515&jk=4158685256257974&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 23DC 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mFOLjg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 662B 0
0 46ms
46ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230515&jk=4158685256257974&bg=!trWlteHNAAYldGN0BXQ7ADkAdvg8Wt3gslMCLJ1L7ypgGSJ5uxEgLxJlIkjvO6WNjFfKLi2x4IjBVhNJdGnP_S-yB473vhOYtWcCAAAAYFIAAAAEaAEHmQK-n-6Gd3QTxYL0c8kNH3UZVVW5CfSBYhCgG9RKftmxotrUu_k9LS_kQJW6gg-WeJx_8xck4PNhEjUrWy-1z2pahKx0uMk9RQD8Jyb4K76e4y87S89grfXcSOVuvPpgLB0S-TJeOKxwlgJQOWpnVy6UqVmVwteFCZzZL4t4M75Ze0y212AWypUJkgGpyGoe9pQofgGKhF6mAgCtbCBRU5U9KeKgn4_l9QuA3fayxEMvJXvnM5DLXwIxDBS_PH69cqnBiZHXNxoI-YvPwc0M_rYaPkBiRHeSpq39CnifBL2mn1WUoQpkEmNCmlFNytM8L_eHs7TNsVasjQ6Z1CbzscztDW12AGZMiYzmRNFL9Xg6Sxp_zSD03taKUILSGRXpZwugUj8Ffhln4qf5oCoX7EfjFyNe1xIRc4_Y-tWaJw-kvCinYnibebcXoMe7pcUtZyfU3OVz_eQGdbF6Sn9TtYLkj8cw1q2DOQ1OJogaE7Hv3RChHQWg0LWdmXVhveXTZy0Lvz5DrpLOTY7fOSW9pToEBwq81fVjhqL3_SdzVlYJbKlrgqApAzPjsSedf09TllJHhIDDHsM5nNQ8pYTXQWQj8JSdU02uxtAMoo5UImmGPOTU9osTXivccZUDarDDE_oT2ZOlJholorTS6snoms2AqaOiV5Y35mEbow_1y_GGeynPzvRw3R-A8iJudoFUWfQRkx7b6IAfQNE5EFRjLOoS23mIQpA-e6EkbGXYrfPNXGLn1N3qFwyZ4LZWNLj-F--CoPQ2NIsp_6n7IyoBK-DYNjXNadg_QLoDJfH0AJ5Wtwh1-mH9VNRVx_qiqz6XZZmbBZT3wp5N1yP5c3nOVC-ZuTJqFDsRDKPV2o6uoNjW-4MklAWdoyKZAI_1ZrbdYAjQObno-lcQ7HqCFL0KA8czPqC5hSOk9cEjlNmSc2Zg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tothemaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 widget.e41a0c4132970d505cc8.js Show response
c.bannerflow.net/scripts/ Frame FEE8 20 KB
7 KB 16ms
14ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/614dde080b28840562bdf39b?did=5d7106ae39d71e0001cd1b66&deeplink=on&responsive=on&redirecturl=http%3A%2F%2Fgml-grp.com%2FC.ashx%3Fbtag%3Da_162b_1283c_%26affid%3D162%26siteid%3D162%26adid%3D1283%26c%3D%26MediaID%3D2734%26IsAd%3D1%26IAref%3Dhttps%253A%252F%252Fwww.tothemaonline.com%252F%26asclurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: nZPaCeepSHMZbbh+xShfnA==
age: 3119274
cf-polished: origSize=20123
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 07 Mar 2023 10:29:01 GMT
server: cloudflare
etag: W/"0x8DB1EF6C4FEC22F"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6cdc4a26-701e-0025-41c2-6d445a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7c9a820c29309bc8-FRA

GET
H2 200 feed.ac107082df06007ec521.js Show response
c.bannerflow.net/scripts/ Frame FEE8 5 KB
3 KB 15ms
13ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/feed.ac107082df06007ec521.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/614dde080b28840562bdf39b?did=5d7106ae39d71e0001cd1b66&deeplink=on&responsive=on&redirecturl=http%3A%2F%2Fgml-grp.com%2FC.ashx%3Fbtag%3Da_162b_1283c_%26affid%3D162%26siteid%3D162%26adid%3D1283%26c%3D%26MediaID%3D2734%26IsAd%3D1%26IAref%3Dhttps%253A%252F%252Fwww.tothemaonline.com%252F%26asclurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e59e11845d0bb2a6aef1777b9a763f0970e609a16f4967614451b84913556eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: qmBi7t8dubW0rznrBiyB8A==
age: 6381538
cf-polished: origSize=5175
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 06 Mar 2023 09:10:27 GMT
server: cloudflare
etag: W/"0x8DB1E22A0CC5F3F"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6193e311-501e-0050-7116-502f76000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7c9a820c29349bc8-FRA

GET
H2 200 document.000000C7C5FE55.js Show response
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/published/3955892/5084485/ Frame FEE8 144 KB
27 KB 18ms
17ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/published/3955892/5084485/document.000000C7C5FE55.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/614dde080b28840562bdf39b?did=5d7106ae39d71e0001cd1b66&deeplink=on&responsive=on&redirecturl=http%3A%2F%2Fgml-grp.com%2FC.ashx%3Fbtag%3Da_162b_1283c_%26affid%3D162%26siteid%3D162%26adid%3D1283%26c%3D%26MediaID%3D2734%26IsAd%3D1%26IAref%3Dhttps%253A%252F%252Fwww.tothemaonline.com%252F%26asclurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 632d5260b6a50807420fd4cb09e1c39bde45cd9fe380a04c9d2590c8d01509cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: OiYk+6VJcJgWiiTb+Q1EAA==
age: 468959
cf-polished: origSize=159299
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 13 Mar 2023 08:05:33 GMT
server: cloudflare
etag: W/"0x8DB2399B83222F1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1a6b5b0a-501e-0032-79dc-85ed51000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7c9a820c29359bc8-FRA

GET
H2 200 animated-creative.0d17da23618f24b974cb.js Show response
c.bannerflow.net/scripts/ Frame FEE8 156 KB
53 KB 17ms
17ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/614dde080b28840562bdf39b?did=5d7106ae39d71e0001cd1b66&deeplink=on&responsive=on&redirecturl=http%3A%2F%2Fgml-grp.com%2FC.ashx%3Fbtag%3Da_162b_1283c_%26affid%3D162%26siteid%3D162%26adid%3D1283%26c%3D%26MediaID%3D2734%26IsAd%3D1%26IAref%3Dhttps%253A%252F%252Fwww.tothemaonline.com%252F%26asclurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb6cef3eb76ec26c8bb8cb59e1ccf16d2facd9a1c387978948ce98664d2ca71f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: Gq90Z8yQaZwoZjD0SNt4Ow==
age: 1865077
cf-polished: origSize=159436
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 07 Mar 2023 10:29:01 GMT
server: cloudflare
etag: W/"0x8DB1EF6C4EBD802"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 542ba855-701e-00a3-1e2a-7988e3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7c9a820c293c9bc8-FRA

GET
H2 200 document.0000002D96156F.js Show response
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/published/2944555/6126359/ Frame 6457 34 KB
7 KB 19ms
18ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/published/2944555/6126359/document.0000002D96156F.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/614dde080b28840562bdf39f?did=5d7106ae39d71e0001cd1b66&deeplink=on&responsive=on&redirecturl=http%3A%2F%2Fgml-grp.com%2FC.ashx%3Fbtag%3Da_162b_1288c_%26affid%3D162%26siteid%3D162%26adid%3D1288%26c%3D%26MediaID%3D2739%26IsAd%3D1%26IAref%3Dhttps%253A%252F%252Fwww.tothemaonline.com%252F%26asclurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad2b3ba09f156ae62e460776184bf7885c1ab3e9cabd9b049ec8a71e0f415685

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: klaW9l/OevdNbFsFvEMiSA==
age: 243003
cf-polished: origSize=39205
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 16 May 2023 11:37:00 GMT
server: cloudflare
etag: W/"0x8DB5601DCB96949"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ffb626f8-501e-00a4-07ea-87e480000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7c9a820c39439bc8-FRA

GET
H2 200 animated-creative.322e55c9365620f3a62c.js Show response
c.bannerflow.net/scripts/ Frame 6457 156 KB
53 KB 20ms
19ms Script
application/javascript 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.322e55c9365620f3a62c.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/614dde080b28840562bdf39f?did=5d7106ae39d71e0001cd1b66&deeplink=on&responsive=on&redirecturl=http%3A%2F%2Fgml-grp.com%2FC.ashx%3Fbtag%3Da_162b_1288c_%26affid%3D162%26siteid%3D162%26adid%3D1288%26c%3D%26MediaID%3D2739%26IsAd%3D1%26IAref%3Dhttps%253A%252F%252Fwww.tothemaonline.com%252F%26asclurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56ce92887c108586bf63058a06f051e957f58936396e829d5fddeb59dbab0e59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: juPt1GbRx23XCKIRo1MiKA==
age: 685722
cf-polished: origSize=159689
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Thu, 11 May 2023 08:35:06 GMT
server: cloudflare
etag: W/"0x8DB51FA9F714A4E"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 519b5b89-b01e-0083-3ae4-83f344000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7c9a820c39459bc8-FRA

GET
DATA 200
OK truncated
/ Frame FEE8 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK cd0a9afb-56d6-4d7d-afe2-c2ed743d251b Show response
https://gml-grp.com/ Frame 33F1 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gml-grp.com/cd0a9afb-56d6-4d7d-afe2-c2ed743d251b
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
DATA 200
OK truncated
/ Frame 6457 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK be11337a-fd61-44d4-801a-790a39b1aaaa Show response
https://gml-grp.com/ Frame 1920 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gml-grp.com/be11337a-fd61-44d4-801a-790a39b1aaaa
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.322e55c9365620f3a62c.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 63d8f9d5144978874a1ea15c.json Show response
c.bannerflow.net/sfeeds/5e317daec4d26a13444955b1/ Frame FEE8 4 KB
1 KB 71ms
54ms Fetch
application/json 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/sfeeds/5e317daec4d26a13444955b1/63d8f9d5144978874a1ea15c.json
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/feed.ac107082df06007ec521.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1de58c495de3ede0aba0622b17e1b0e045e09dcdf21bd26f0494c79c89322962

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gml-grp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 19 May 2023 07:08:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=15, stale-if-error=28800, stale-while-revalidate=28800
cf-ray: 7c9a820f5ca49bd4-FRA
request-context: appId=cid-v1:ab2f42fc-6a35-4ceb-b810-86e88366fb0b

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 6457 4 KB
4 KB 18ms
13ms Font
font/woff 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2Ff3fb295b-06f3-4992-95f5-f613b3a7e00a.woff&t=%20%2101o%CE%91%CE%93%CE%95%CE%97%CE%99%CE%9D%CE%9F%CE%A1%CE%A6%CE%A7%CE%AC%CE%AD%CE%AF%CE%B1%CE%B4%CE%B5%CE%B9%CE%BA%CE%BB%CE%BC%CE%BD%CE%BF%CF%80%CF%81%CF%83%CF%84%CF%85%CF%86%CF%87%CF%89%CF%8D
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_162b_1288c_&affid=162&siteid=162&adid=1288&c=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee7fcd9774648b1ad4c3f626c5f14d11665c5b2cc1677a1aaa020cb12991337f

Request headers

Referer: https://gml-grp.com/
Origin: https://gml-grp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:19 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Apr 2023 04:41:26 GMT
server: cloudflare
age: 3119213
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=f3fb295b-06f3-4992-95f5-f613b3a7e00a-subset.woff
cf-ray: 7c9a820f4ca29bd4-FRA
expires: Fri, 12 Apr 2024 04:41:26 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 6457 11 KB
11 KB 14ms
14ms Font
font/woff 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F12277ada-0667-42ba-a007-0836e523ef8a.woff&t=%0A%20%2B.18ABCEFGILMNORSVWY%7C%CE%91%CE%94%CE%95%CE%97%CE%98%CE%99%CE%9C%CE%9D%CE%9E%CE%9F%CE%A0%CE%A1%CE%A3%CE%A4%CE%A5
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_162b_1288c_&affid=162&siteid=162&adid=1288&c=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ad65b157ec84a7fbbce6d43047679566979178399d31aa60db37b9c1bcd7d6c

Request headers

Referer: https://gml-grp.com/
Origin: https://gml-grp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:19 GMT
cf-cache-status: HIT
last-modified: Sat, 13 May 2023 13:05:01 GMT
server: cloudflare
age: 496998
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=12277ada-0667-42ba-a007-0836e523ef8a-subset.woff
cf-ray: 7c9a820f9ce49bd4-FRA
expires: Sun, 12 May 2024 13:05:01 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame FEE8 24 KB
24 KB 13ms
12ms Font
font/woff 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F5d6666bb-a1c9-4a8c-893d-c33c89639940.woff&t=%20%28%29%2B.01238%3AABEGILNORUXabcefgilmnorsvwy%7C%CE%8F%CE%91%CE%93%CE%95%CE%97%CE%9C%CE%A0%CE%A1%CE%A3%CE%A5%CE%AC%CE%AE%CE%AF%CE%B1%CE%B2%CE%B4%CE%B5%CE%B8%CE%B9%CE%BA%CE%BC%CE%BD%CE%BE%CE%BF%CF%80%CF%81%CF%82%CF%83%CF%84%CF%85%CF%8C%CF%8D
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_162b_1283c_&affid=162&siteid=162&adid=1283&c=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 912a5cee598c9a445c0b8724fa223965f9cec2f532f33fddf8d3aee8add75a39

Request headers

Referer: https://gml-grp.com/
Origin: https://gml-grp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:19 GMT
cf-cache-status: HIT
last-modified: Thu, 18 May 2023 19:09:30 GMT
server: cloudflare
age: 43129
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=5d6666bb-a1c9-4a8c-893d-c33c89639940-subset.woff
cf-ray: 7c9a82100d449bd4-FRA
expires: Fri, 17 May 2024 19:09:30 GMT

GET
H2 200 895658b0-c240-4ea8-9185-03115a4c4e39.svg
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/ Frame CC2A 9 KB
4 KB 16ms
16ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/895658b0-c240-4ea8-9185-03115a4c4e39.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529a6491568f5c098cee97a0594c2b1f6a0c4051c72c39f6c26ba0b5b4a0b3e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: V+Oh95MNKtBGc7TgkQOiIw==
age: 6601
x-ms-lease-status: unlocked
last-modified: Tue, 23 Aug 2022 13:53:12 GMT
server: cloudflare
etag: W/"0x8DA850ED1CC64B6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4a5f8225-401e-0063-0137-0870dd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7c9a82109ebd9bc8-FRA

GET
H2 200 3342e3f0-a47d-456d-995a-13c869e0c907.svg
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/ Frame CC2A 742 B
588 B 15ms
14ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/3342e3f0-a47d-456d-995a-13c869e0c907.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 260c4bed22b81bc006a79173aa9ca654471df9a1c760deb59c07ef94c87bf375

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: ldyR1Ei/eEFCmOWcsP/7uA==
age: 5227
x-ms-lease-status: unlocked
last-modified: Tue, 23 Aug 2022 15:15:00 GMT
server: cloudflare
etag: W/"0x8DA851A3F84ED23"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 594059f0-f01e-0049-281f-22afcd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7c9a82109ec89bc8-FRA

GET
H2 200 78c15051-3abf-4132-a9a1-3b47c962980d.svg
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/ Frame CC2A 2 KB
948 B 14ms
13ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/78c15051-3abf-4132-a9a1-3b47c962980d.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 832866c47db97cbc29d4cfa3dcf2b9b52cf8db4c735089ae1a3a54b7053e7260

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: h3rno2zn9xDKUurkpCkAFQ==
age: 5227
x-ms-lease-status: unlocked
last-modified: Tue, 23 Aug 2022 13:53:12 GMT
server: cloudflare
etag: W/"0x8DA850ED1D3900F"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: cfb679c5-d01e-004e-2540-01c3ae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7c9a8210aece9bc8-FRA

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame CC2A 2 KB
3 KB 16ms
15ms Image
image/webp 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e317daec4d26a13444955b1%2Fimages%2F5c954136-9d01-40e0-a687-8cf20d9477bf.png&w=107&h=80&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 113dce095cc0001c89c517d5564f88e6519889200e2a396d5a684ac468243b01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:19 GMT
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 05:01:58 GMT
api-supported-versions: 2.0
server: cloudflare
age: 7581
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7c9a8210aecf9bc8-FRA
content-length: 2542
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 e32d7e47-4d13-4481-840d-d1ef4f108803.svg
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/ Frame CC2A 13 KB
4 KB 21ms
20ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/e32d7e47-4d13-4481-840d-d1ef4f108803.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9f91fe59ffbec7b680bad00168795b12dbb3a32250f5e5c3cbba03c06dacf4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 5oD5k/82KVGPFQsTzazxFw==
age: 5368
x-ms-lease-status: unlocked
last-modified: Thu, 26 May 2022 08:04:08 GMT
server: cloudflare
etag: W/"0x8DA3EEE4F5AFBFF"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6fbfd552-201e-0038-8014-5b49e6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7c9a8210aed09bc8-FRA

GET
H2 200 d7fb39dc-58e6-4356-88a8-b2ced561954d.svg
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/ Frame CC2A 23 KB
7 KB 25ms
25ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/d7fb39dc-58e6-4356-88a8-b2ced561954d.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 213bd9eb4b88d0464828f28f804f80f914aeab56e0419c2972656c5a2706a2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: NVMZhm8+62foYV5dPmIAfQ==
age: 4524
x-ms-lease-status: unlocked
last-modified: Thu, 26 May 2022 08:04:08 GMT
server: cloudflare
etag: W/"0x8DA3EEE4F702FE6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5fcfc721-c01e-0042-1029-1554a6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7c9a8210aed19bc8-FRA

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame FEE8 15 KB
15 KB 12ms
12ms Font
font/woff 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F12277ada-0667-42ba-a007-0836e523ef8a.woff&t=%20.01234569ACEFHKMOPSTW%CE%88%CE%93%CE%9B%CE%9C%CE%9F%CE%A1%CE%A3%CE%A7%CE%AC%CE%AD%CE%AF%CE%B1%CE%B4%CE%B5%CE%B7%CE%B9%CE%BA%CE%BB%CE%BC%CE%BD%CE%BF%CF%80%CF%81%CF%82%CF%83%CF%84%CF%85%CF%8A%CF%8C
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_162b_1283c_&affid=162&siteid=162&adid=1283&c=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c88eb8f8f4b83e5bec0d485fb1a17a22bada143ed4427835d23dde86d8bfc6

Request headers

Referer: https://gml-grp.com/
Origin: https://gml-grp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:19 GMT
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 06:38:57 GMT
server: cloudflare
age: 1762
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=12277ada-0667-42ba-a007-0836e523ef8a-subset.woff
cf-ray: 7c9a8210ce059bd4-FRA
expires: Sat, 18 May 2024 06:38:57 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame FEE8 5 KB
5 KB 14ms
14ms Font
font/woff 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2Fef03324c-fc77-4063-9e1a-48b39a27aec5.woff&t=v
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_162b_1283c_&affid=162&siteid=162&adid=1283&c=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3acf82ac173a7685eea7f3d49c36f4795733a91d5599248828050c2cc89b04f9

Request headers

Referer: https://gml-grp.com/
Origin: https://gml-grp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:19 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Apr 2023 07:28:36 GMT
server: cloudflare
age: 3109183
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=ef03324c-fc77-4063-9e1a-48b39a27aec5-subset.woff
cf-ray: 7c9a8210de1f9bd4-FRA
expires: Fri, 12 Apr 2024 07:28:36 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame FEE8 10 KB
10 KB 13ms
13ms Font
font/woff 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F48f4755a-a559-48ad-a034-7f8a8a7dc006.woff&t=SV
Requested by: Host: gml-grp.com
URL: https://gml-grp.com/I.ashx?btag=a_162b_1283c_&affid=162&siteid=162&adid=1283&c=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16d31bf88e080abab068a308de61d20c0ec0b20f1e3c9972f96e2721ff05435a

Request headers

Referer: https://gml-grp.com/
Origin: https://gml-grp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:20 GMT
cf-cache-status: HIT
last-modified: Thu, 11 May 2023 05:40:35 GMT
server: cloudflare
age: 696465
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=48f4755a-a559-48ad-a034-7f8a8a7dc006-subset.woff
cf-ray: 7c9a8210fe399bd4-FRA
expires: Fri, 10 May 2024 05:40:35 GMT

GET
H2 200 e32d7e47-4d13-4481-840d-d1ef4f108803.svg
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/ Frame 5AEC 13 KB
4 KB 14ms
13ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/e32d7e47-4d13-4481-840d-d1ef4f108803.svg
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9f91fe59ffbec7b680bad00168795b12dbb3a32250f5e5c3cbba03c06dacf4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:20 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 5oD5k/82KVGPFQsTzazxFw==
age: 5369
x-ms-lease-status: unlocked
last-modified: Thu, 26 May 2022 08:04:08 GMT
server: cloudflare
etag: W/"0x8DA3EEE4F5AFBFF"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6fbfd552-201e-0038-8014-5b49e6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7c9a82112f969bc8-FRA

GET
H2 200 d7fb39dc-58e6-4356-88a8-b2ced561954d.svg
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/ Frame 5AEC 23 KB
7 KB 14ms
14ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/d7fb39dc-58e6-4356-88a8-b2ced561954d.svg
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 213bd9eb4b88d0464828f28f804f80f914aeab56e0419c2972656c5a2706a2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:20 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: NVMZhm8+62foYV5dPmIAfQ==
age: 4525
x-ms-lease-status: unlocked
last-modified: Thu, 26 May 2022 08:04:08 GMT
server: cloudflare
etag: W/"0x8DA3EEE4F702FE6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5fcfc721-c01e-0042-1029-1554a6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7c9a82112f989bc8-FRA

GET
H2 200 895658b0-c240-4ea8-9185-03115a4c4e39.svg
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/ Frame 5AEC 9 KB
3 KB 14ms
13ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/895658b0-c240-4ea8-9185-03115a4c4e39.svg
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529a6491568f5c098cee97a0594c2b1f6a0c4051c72c39f6c26ba0b5b4a0b3e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:20 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: V+Oh95MNKtBGc7TgkQOiIw==
age: 6602
x-ms-lease-status: unlocked
last-modified: Tue, 23 Aug 2022 13:53:12 GMT
server: cloudflare
etag: W/"0x8DA850ED1CC64B6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4a5f8225-401e-0063-0137-0870dd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7c9a82112f9d9bc8-FRA

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 5AEC 1 KB
1 KB 13ms
13ms Image
image/webp 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e317daec4d26a13444955b1%2Fimages%2F5c954136-9d01-40e0-a687-8cf20d9477bf.png&w=76&h=57&q=85&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 521c5769e9e8006d5eb16d0da1f3edf49ccd6a50a95b26e15c3ecd17d331b914

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:20 GMT
cf-cache-status: HIT
last-modified: Thu, 18 May 2023 09:51:55 GMT
api-supported-versions: 2.0
server: cloudflare
age: 76585
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7c9a8211b8299bc8-FRA
content-length: 1308
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 ff488f5d-048d-437d-a444-2f84dc5ddcef.svg
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/ Frame 5AEC 5 KB
2 KB 15ms
14ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/ff488f5d-048d-437d-a444-2f84dc5ddcef.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c806742c0529236e3f2f6766d274f44dd0479e8ee7cfb9b9c015acb832122adf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:20 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: zR7lok9RgGINbQgyKR5p1g==
age: 1789
x-ms-lease-status: unlocked
last-modified: Fri, 14 Oct 2022 09:12:29 GMT
server: cloudflare
etag: W/"0x8DAADC438286B55"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 21f60a0e-401e-0001-167d-6bb2fa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7c9a8211c8349bc8-FRA

GET
H2 200 aabcfbe1-86bb-485e-898c-73f4a1ffdb1d.svg
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/ Frame 5AEC 5 KB
2 KB 14ms
14ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/aabcfbe1-86bb-485e-898c-73f4a1ffdb1d.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed32d61ce99c149d2d7f8d723c4604a94b3d4b49dd655442eee8c2e525fe6334

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:20 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 9HKVhq8bC/r2Gpj4q4WjZg==
age: 1789
x-ms-lease-status: unlocked
last-modified: Fri, 14 Oct 2022 11:24:40 GMT
server: cloudflare
etag: W/"0x8DAADD6AF83AAB3"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d6de427b-801e-0021-747d-6bc95d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7c9a8211d8429bc8-FRA

GET
H2 200 2b0109ea-7d15-4213-89a4-b3c761632fdf.svg
c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/ Frame 5AEC 3 KB
2 KB 15ms
14ms Image
image/svg+xml 2606:4700::6812:ae65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/betano-stoiximan/5e317daec4d26a13444955b1/images/2b0109ea-7d15-4213-89a4-b3c761632fdf.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ae65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e93053ca9da4e0f62eacf12657feb6acbe689e714eaa492e00f21a215c6e599d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 May 2023 07:08:20 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: IeyUAcS9igtIAuoa1dbAeg==
age: 1789
x-ms-lease-status: unlocked
last-modified: Fri, 14 Oct 2022 11:24:40 GMT
server: cloudflare
etag: W/"0x8DAADD6AF8383A1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 439d2ca1-d01e-0061-3f7d-6bce65000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7c9a8211d84f9bc8-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cytoday.com.cy
URL: https://cytoday.com.cy/ads/www/delivery/afr.php?refresh=120&zoneid=59&cb=INSERT_RANDOM_NUMBER_HERE

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cytoday.eu/	1969-12-31 23:59:59	Name: SN586cf2fd12a47 Value: 49ae60b8c08bb5e0b408adf2482675ae
cytoday.eu/	1970-01-20 13:23:56	Name: cookie_consent_level Value: %7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D
cytoday.eu/	1970-01-20 16:13:52	Name: Exitbee_vid Value: 8f10b5e9-a1b5-4054-9e89-392a385810ea
cytoday.eu/	1970-01-20 16:13:52	Name: Exitbee_sessionCampaigns Value: []
cytoday.eu/	1970-01-20 16:13:52	Name: Exitbee_nrPagesVisited Value: 0
cytoday.eu/	1970-01-20 16:13:52	Name: Exitbee_visitsCount Value: 1
cytoday.eu/	1970-01-20 16:13:52	Name: Exitbee_source Value:
.onesignal.com/	1970-01-20 11:54:41	Name: __cf_bm Value: NInDzzp1yxFO6tE7PyUnHChxMWbh4Mw6e6vDLqlQziA-1684480096-0-AZmR7+qRZ1jzPQgCspqfsTABv4HaJsWMCKSQ4Vp48qWJahIJ2Fqhlcc0z66VHVZobmufKsmAMgiW5YAjtC/fVC8=
.doubleclick.net/	1970-01-20 21:16:16	Name: IDE Value: AHWqTUkR35z6AyERmalwMaRvci3YN3_FwNWK7YsFdyrJtdgyG0M5_pfGn4yhGn9yOzg
.ced.cy/	1970-01-20 20:40:16	Name: CEDGDPR Value: 01000111010001000101000001010010

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://akousa.com/ Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
network	error	URL: https://www.com2go.com/newcreatives/demo2/assets/advScripts/css/c2g_fullscreen_scroll.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1946006275855017&output=html&adk=1812271804&adf=3279755399&plat=1%3A147968%2C2%3A147968%2C3%3A2163200%2C4%3A2163200%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fcytoday.eu%2F&ea=0&pra=5&wgl=1&dt=1684480096394&bpp=7&bdt=1135&idt=373&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&nras=1&correlator=7459885805512&frm=24&ife=1&pv=2&ga_vid=1546676210.1684480097&ga_sid=1684480097&ga_hid=1182705147&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2773230960&scr_x=-12245933&scr_y=-12245933&eid=44792108%2C44759842%2C44759927%2C44759876%2C31074546%2C31074690%2C44788441%2C44792089&oid=2&pvsid=4158685256257974&tmod=213473809&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.cmvrw6aggsau&fsb=1&dtd=393 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1946006275855017&output=html&h=100&slotname=4023649764&adk=2185297144&adf=94566886&pi=t.ma~as.4023649764&w=300&format=300x100&url=http%3A%2F%2Fcytoday.eu%2F&ea=0&wgl=1&dt=1684480096401&bpp=2&bdt=1142&idt=430&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7459885805512&frm=24&ife=1&pv=1&ga_vid=1546676210.1684480097&ga_sid=1684480097&ga_hid=1182705147&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2773230960&scr_x=-12245933&scr_y=-12245933&eid=44792108%2C44759842%2C44759927%2C44759876%2C31074546%2C31074690%2C44788441%2C44792089&oid=2&pvsid=4158685256257974&tmod=213473809&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=2.filntamxjo4q&fsb=1&dtd=455 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1946006275855017&output=html&h=90&slotname=5694195407&adk=3963360467&adf=3160588074&pi=t.ma~as.5694195407&w=728&format=728x90&url=http%3A%2F%2Fcytoday.eu%2F&ea=0&wgl=1&dt=1684480096403&bpp=1&bdt=1144&idt=614&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&prev_fmts=0x0%2C300x100&nras=1&correlator=7459885805512&frm=24&ife=1&pv=1&ga_vid=1546676210.1684480097&ga_sid=1684480097&ga_hid=1182705147&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2773230960&scr_x=-12245933&scr_y=-12245933&eid=44792108%2C44759842%2C44759927%2C44759876%2C31074546%2C31074690%2C44788441%2C44792089&oid=2&pvsid=4158685256257974&tmod=213473809&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CenE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=3.s0epaex0wslw&fsb=1&dtd=619 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1946006275855017&output=html&h=250&slotname=5147400497&adk=1406498851&adf=4038599406&pi=t.ma~as.5147400497&w=300&format=300x250&url=http%3A%2F%2Fcytoday.eu%2F&ea=0&wgl=1&dt=1684480096404&bpp=1&bdt=1144&idt=641&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&prev_fmts=0x0%2C300x100%2C728x90&nras=1&correlator=7459885805512&frm=24&ife=1&pv=1&ga_vid=1546676210.1684480097&ga_sid=1684480097&ga_hid=1182705147&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2773230960&scr_x=-12245933&scr_y=-12245933&eid=44792108%2C44759842%2C44759927%2C44759876%2C31074546%2C31074690%2C44788441%2C44792089&oid=2&pvsid=4158685256257974&tmod=213473809&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=4.8ld2ztsa3h3r&fsb=1&dtd=647 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://wlstoiximan.eacdn.com/TrafficOpt/s.5.6.min.js?t=1 Message: Mixed Content: The page at 'https://gml-grp.com/I.ashx?btag=a_162b_1283c_&affid=162&siteid=162&adid=1283&c=' was loaded over HTTPS, but requested an insecure frame 'http://gml-grp.com/T.ashx?btag=a_162b_1283c_&affid=162&siteid=162&adid=1283&c=&t=638200768981280000&MediaID=2734&MediaIndex=0&XYZ=120%260%26148%26%26%26%260%260%26%26'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://wlstoiximan.eacdn.com/TrafficOpt/s.5.6.min.js?t=1 Message: Mixed Content: The page at 'https://gml-grp.com/I.ashx?btag=a_162b_1288c_&affid=162&siteid=162&adid=1288&c=' was loaded over HTTPS, but requested an insecure frame 'http://gml-grp.com/T.ashx?btag=a_162b_1288c_&affid=162&siteid=162&adid=1288&c=&t=638200768981460000&MediaID=2739&MediaIndex=0&XYZ=120%260%26148%26%26%26%260%260%26%26'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7fb57f0be571dcd679b993e5818c335f.safeframe.googlesyndication.com
adsbydelema.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
akousa.com
c.bannerflow.net
cdn.cookie-script.com
cdn.doubleverify.com
cdn.exitbee.com
cdn.onesignal.com
com2go.com
connect.facebook.net
cytoday.com.cy
cytoday.eu
delivery.ced.cy
fonts.googleapis.com
gml-grp.com
googleads.g.doubleclick.net
images.tothemaonline.com
omegalive.com.cy
onesignal.com
pagead2.googlesyndication.com
region1.google-analytics.com
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
s.exitbee.com
s0.2mdn.net
scontent-fra5-1.xx.fbcdn.net
securepubads.g.doubleclick.net
servedbyadbutler.com
static.xx.fbcdn.net
tothemaonline.onesignal.com
tothemaonline.os.tc
tpc.googlesyndication.com
wlstoiximan.eacdn.com
www.com2go.com
www.cytoday.com.cy
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.termsfeed.com
www.tothemaonline.com
xtenzio1.com
cytoday.com.cy
pagead2.googlesyndication.com
116.202.46.88
116.203.90.127
130.211.44.5
136.243.19.70
148.251.165.170
148.251.165.175
2001:4860:4802:32::36
213.133.111.3
2606:4700:20::681a:931
2606:4700:20::ac43:4b95
2606:4700:3032::6815:a86
2606:4700:3034::6815:4466
2606:4700:3037::ac43:d57a
2606:4700::6810:9017
2606:4700::6812:ae65
2606:4700::6812:d73b
2620:1ec:29:1::45
2a00:1450:4001:808::2001
2a00:1450:4001:808::200a
2a00:1450:4001:809::2001
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:831::200a
2a02:26f0:6c00::210:ba29
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3120::3
35.240.50.85
95.216.18.154
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
03ed77ef1a42cb211427ca64afa6809773256ac4180e73313e2a86c01bc92d15
043f8f5640d558a90672b7115bb0b6e39cc1442293a1281bd07c048b9d5356bd
047ca6bd7f9127b112867b9c1131c9c7e1e8fdd89373515b3612896b5aaaf98e
04a73e017d87f24e46cc51a788e00477adef6549faa29286e16f77487a9d9199
05ea13d8ed892263f26efb80aa9d2954d46ed608d7f1542400e667026ffb824a
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b08e4d0d50ba92f9f6334d784c28b82b6394c7679c5d3d6fb71b79f32c9da8a
0b1b035a93ee59c16ce727289417fd13474d8f2ebdcf93ffc6b7577df145866a
0c54a6381fae81ec651384ca6678474635d6117365285b6288579718d10456c6
0d6077ae557cda7105d642c914743349557b3772a6beaca4886d9672b23abfe8
0fc1289eed4c57aaba8ca2129a9ae0efc22de7a2bd2e4cbf14a15a7508ae998e
0fd3429f62cc930c85f023feb786c8bbf5526671a8e3f731741c39db927c9cdd
113dce095cc0001c89c517d5564f88e6519889200e2a396d5a684ac468243b01
1440161293ce33c442515ed461c992565084664fac9e70ccce8882dbfe8e2b8a
16d31bf88e080abab068a308de61d20c0ec0b20f1e3c9972f96e2721ff05435a
17056e52b03a9e5d7818f38bd76f79c7f55a128b05c5390992d63609f7e0cf0c
18d513b1e635736256316dc905968b0c7607e4f7037d7156c268eea7d16616fd
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
1ca1f5e2f4db8c3665c557bb57241926eb46c38d2d75209dc356c922a98a285e
1de58c495de3ede0aba0622b17e1b0e045e09dcdf21bd26f0494c79c89322962
1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe
204c986c99f90e619656d950ac23720e1e332550db48ab9df1876adfc334d1c4
21036e66f4b87a6bab47e326b0be63e4941b632152e988d7fa43f0e6d51b0322
213bd9eb4b88d0464828f28f804f80f914aeab56e0419c2972656c5a2706a2a1
2171ec5fb0ffa4c9aa59114703b10f6a17ed6dd0d2672b01ca75b4c5346115ce
2208187333e71f82e2b7bd5b3cbed90f42f10e5563acf5dc1c5b74ba8ce3f011
22856c7842a74a22e23539f9d130010a9db015c3c135487f7202ec2454bcfa73
25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
260c4bed22b81bc006a79173aa9ca654471df9a1c760deb59c07ef94c87bf375
2a0460155602bc34a29b28217507cdd4e1a941304d1a8fe3dc10a9aedde85d09
2e1697fef8f386fe8d38f69e45cb1c791de8e1ccdf2359846ca9da4dca70559b
2e59e11845d0bb2a6aef1777b9a763f0970e609a16f4967614451b84913556eb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d922826754bc6a1bdceb84c4173da905cf9e9b4866a96f9cac0c729ed142eb
32c88eb8f8f4b83e5bec0d485fb1a17a22bada143ed4427835d23dde86d8bfc6
338986cec037a913f593ce26bebe495bd51fdd9aefb0919bf652ce13b42b10cd
34cae1eff2b8486f4d8bd8a00e488a8b0ae6d7b2a8130b77418581acd1a91514
388284f365d9b826b434f6fa199d16af2ad3496c61a21834fe4f9dbc5cab61a0
39664f033eb3df8bc1823919606218c05c54ea8fa8ca389d5ff03bb814605134
3acf82ac173a7685eea7f3d49c36f4795733a91d5599248828050c2cc89b04f9
3ad65b157ec84a7fbbce6d43047679566979178399d31aa60db37b9c1bcd7d6c
3be64a84adbf206a6f81d9da0049f4dba9f829852d1945dbe8fffd659fac89ae
3d425ea6a98a1d7007e58d585ba1e99574ab7b6541a0fc8d8de250ebc927f10a
3dfd28d9708a81e197bfbb4b06c712681906b48638bd0be8a4f927855a9743fb
3fba6f72333e98747b5a84a42395a844f80f8424bc33b10472a02d6b6387b958
40c8e9c5196b1f893074eb54a6e605b742972ef2fe8ffca25e853739e0c59226
41ee3d9346567ac5c126a1d9f1650495a3200242609dfe0a39362aaa97b7542d
447b38898396de8e8628a7f0744d08d490fd424073cb425043c3bbc74bf76a03
44ea57bfb7d9e276e06dc23ea0f9d1d11abd4688c12b7e1bf9503ebbfdeb919e
45a433f800bbb43a0c6bbc2407ab71955b61e2fd2cedfb8a86e45e4986a693e4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
47e27e5aeff0e1eb4cd57c105721ca231f2b88442b94522bf042fd08b7a53df7
4933c3beeb47d41c577272e53ff1fe8039b259ce6bd257bc785285ac68c68e9b
4dc3d432dde2f522090140ed462d4736f9cc19104c1f633b0a243622635609e2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50c156adeaa92b60b22c6572e0a0134f596701a1c62bfadbafbfa5adea0fe27d
512ca79eead5a0d3f9a10de763339ae03bd8448862b012819157976762ab0a8b
515b83580607a0740411c249a43b9a699a352def59e5833692f88dfc0c82fffc
521c5769e9e8006d5eb16d0da1f3edf49ccd6a50a95b26e15c3ecd17d331b914
523dc7daefb7fee5576899eb614dc96c3117fe14457249b6be7b645ed3a48649
529a6491568f5c098cee97a0594c2b1f6a0c4051c72c39f6c26ba0b5b4a0b3e6
52f7b0b4410320d302822641a5f2532ed35374bca322b0a077373635a6dfe04d
55922f1ce7500f39badcddf63c408a0afd332596973c424db417ca2cff2beb7e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ce92887c108586bf63058a06f051e957f58936396e829d5fddeb59dbab0e59
571798c300d18ec26605a74b02467ab00c4f18e1fe265bdd1a806a292cc9d0f7
581814005c548c7da0c34469b70ab0b51a228f3cbbea0474bab60a99d5f9050f
5f240ee48f59813b40eb7886578d2e57cc2a4966ad3a00a216907ab5e379cf32
60cf4f39cb77869418f3ced2474cda79ba80829dd03d0c04367967e1d3d05518
60ef701a9e3a323a0b981b412ab596a7a10a63b990f836c5e70f1cd7f4fc2d40
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6218fe43fa2938fe13988554b7f4137028cc0ea1a8bc777e82b32b265f675755
632d5260b6a50807420fd4cb09e1c39bde45cd9fe380a04c9d2590c8d01509cd
640b5c7b44c28222525b21c62fcc914d4c284886da90510e94f8e98bed8a57c9
65ab95b0a57d4fa12ccb83a19088bfc1a593c982dc9fe6f1e7ecc1eb8ab313d0
65bf05ef601e896db4c968daa976218300b6ab6858501420d6a7d0463a74f01d
698d9dc0603bf500f26d935fa1386f1f79c33187413daf383dbd83799aa23462
6a15c4647fa1ec8f29d29492c6182ac3ae91779fb842bc70a6fca6999ad2eedf
6a89431d4b5f6dcc37d448bf2eda662118c4402859875ec9a38b4ea44c3fe251
6bba408c37009bf0815f4871d12bc9a4df8905cadcd87eabbb36303422400d14
6dc0816ad4b4762837cc86109d4a07ca75044cfa62457a517f3a8da1440ad3e1
6e5236f939ad01a5348627f0581aca4dc357dc3c858ddc91df1c668563f15104
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
758e0bc527b49b78b76897cfb4c14bd776bc8cfefd7c6500a52a7166a0dc50a1
77f3ceafaf969d65a159035882066879d8970e2da1add9c546dcdcc74bd8349c
7938dce6735ac40e6b08b17d19cd4ad7938034e5dedae0713ab71d0e642688a4
797e79e220fdb3c48f6df26b879543102479491611940c8acc81a905da5c6858
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a86ba2abbe5e3e332010f9747446be224099c45c0c273e27052a125adfd0f1c
7ac9d104d543540e7371eccfbd2ebbd6aa8457b59c8c512f55d8d9154df3fd90
7d9b7ee9ae860b2f27e08578dacc166269ab838417994fb62c568ff40245b5a3
7eb5be4562167caca46fe48c4b1e80f188dec9c2860df52b079f9ede933acb90
822525d3bdd8caf154168e4410e6fdadab41effa135ba6fb50c523ed6eaac66c
832866c47db97cbc29d4cfa3dcf2b9b52cf8db4c735089ae1a3a54b7053e7260
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84180e1697f65e4101dc623065f262374151308d72461d87198b3d3257fdf2f7
846ff7dd11671dcc228d1a51bfddf2663145e13eeab7c885ae386fa16c4c0b0c
84c0afef4c75786c7b5723789e1e3111612a8c88a53162f42e5d96b426b40754
88588caa6221f1e64548aa532e6e1cc47feb67f244a0f890be1889952860fd6e
894755a38e27cbfadeb33bc21a101e0d906350b54aa23abb187b1b5e22ea0ef6
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
8d2fd8f1fcb109cc3f315f8f1df48f4a49cc1486d803e4c2b0c54f60e28de0aa
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
912a5cee598c9a445c0b8724fa223965f9cec2f532f33fddf8d3aee8add75a39
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97dedc182efdc13aa68bc47c6dc070bbb31b0a6b7601768ce73e20b80953242e
99012590044da8494dd3b3f1d629a9c144ba85b33126137be520d7b6b0a030ed
9a67d907485c19a45a5b28b3bebffc727b65f77717cec85972798c46cd445a0b
9c19215cd92dc80f13462cbec173ea80310b20a46a4e690159afcae9608221d7
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a1406f6297454b53a52b9c0bbe9cfe4f2c33140d8412bd09f476a1d30640db5a
a1ddb8ffea8569b01bc4ab2b7787f6350b3b135506b4dbec013acce78e9b867e
a1eb48eeb3b3f2ba41940d3041464f0b386b7a7c4a8acb42f3017e691f4b116e
a3d4dfd11e9e024b09a71eb05330784ac08f8afbbaa6f4ca7d0ac805ad2ae1e3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9f91fe59ffbec7b680bad00168795b12dbb3a32250f5e5c3cbba03c06dacf4c
aafcf79544e2430a0b437420f288f5240fb0c022a69ca89826013dce0c7783f1
ad2b3ba09f156ae62e460776184bf7885c1ab3e9cabd9b049ec8a71e0f415685
adf803ef6300ff1668bc3a85c840c60d41079c1aa1d1fba1f373f87262e641ab
ae9ae9fe2a341d86f61075608bf31952985877340c644422da455d820e36abf5
aebc858b3ecd13958ea8d80d864c5e0af44b1240b77646d3c81e8b4d789cd8ea
b06b921fc565f191fd269c0df815ff21ef62dc70e451a609b482afd6a9e92399
b0c7e6712ecbf97a1e3a14f19e3aed5dbd6553f21a2852565bfc5518925713db
b16a18a3568a4f13d906f95c5709c442a84ca5a82bdc5241016a7c1bcfae2a71
b2623771bd2c172cd2017035e8aee1760b821a6026c5933fec575a93bf96d6ff
b34e26ab9a8d7fae9b41f0c72ecdc5b26fbfdc94005639e5a21492a6f443532d
b36f27566d5904347cd9c75d6f4eac94cf9bf5078f59e3f940aca2fbc8d66ae3
b44bee48eed38b583979654094c4129d802777a8d118c4aeff8c656373173631
b59e259f90c1c6b998ae9757ffb23575e50c925d6a08ca1ff281345aa1f20366
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b8c5d557edd56d18888fca4e0ae90b9a194e8adb227e91d641312657467655a6
b95a2b8f9bcbce932bfb42a565e006214b24a072d8d9cf9089262aa03501d622
ba1a0e0df408b04fbb403728881beac0b4920e090a9766d119e4d0cd291a3f19
ba50e77487e64f9fc95e19c377874845015c53f4ea08541a434d0e0e35c39bf7
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc1faf3fa2ad951c56020d7ac04c16f9bd508e8107e2edac95c263c84b12d382
bdef5b9f6e1ace7d12a12904c3b4817701ae5368826e3288dc1c7e8235f8415b
be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142
bf932a393aa009f8c8c382a3f875c5fa9975c4eb26ca2643bbb5eef842bead81
c3451ad2d56c5fa6b366c9711bf894d766e9f5614cc54dde5b6177b0ff55c9c8
c53696e7ecdb66622eed2fa572c6195904de06485261b19e53a10573bddb1293
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c7a60ff8091ac08fdd8b89f5f67c039f1234303d4ae00eb79c24c40eac4c4ce1
c7c406fe6c38d320a271441c8b565acc62611bb2925f5cb80a6667987a4b9130
c806742c0529236e3f2f6766d274f44dd0479e8ee7cfb9b9c015acb832122adf
c857fb6fef23c39fcc520009f3bb839d56a5994325e1d86718227938faeddd00
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91
ca0f45da4c50a923b50db8c85b642f68157fd8f486454b7b89f289962615f035
cbe8f53e3cd032697a99a246b87d96f2b323d3fe1d88f492902497d8aebd3459
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
ce1ce3cc314fc86a8ba7ebfaf42b792d58f520bc49a7edb5822b4f806c91f727
d030b7b392bd3d0a59dc2ccd82c8a3c974a16bd111b2b292cfb6af424a2cc191
d4b3d09942e86b4924d2eab08edd8830f9448aab165d29a0b3b9ab79f2fd59ce
d5e9635a59793bd14e49a8560dc419bb7ecabe2d2819d413db1838d3794fdc7a
d617fafbbb3d8e05d94b146ee8efd33122393722026dac23b405bc3b1a115b21
db2efa2cc11fc9e7488d27fd57b2dc5cbba6b7d7d6007fe8603626260ae010d2
dd3526ddba0514315d1dfabd7413c70fa2295b04c7c2b7764c7117803af3ea58
dd5e71dff90ee8a7e55d23639113a0b68bfb7861887a6c7db1070ed77061c827
df96fb5986765d4897bcbce7ce2e242d45b7d10b688cccf3901b9a8ce56b6057
e056455ca573477f3487219fde269d38f41b258ad87e53fa80dc3c05bed4ac2c
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e358a0b740b3e22287b8ac3e7e92f9b508b4e4ff283d04c799009b6d79838c61
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5128d7f027aae53b2ddcadf5ddcabdbbd5b95f1bb06c11a7700b8104e3cebe3
e59d343e355646b2ec9bb7c1a58a2eebbea65a847e614e5ff13917eae54a9fde
e605a83f842cfcdba6511b64921aa3cc3fc9c579bf9f412db24c8d3d565535d2
e618106c2a10c644ce2c9e1f470f69486b68bbe286d6570a44f32d99f7eeac3f
e62fd4decd933ac13a710f2b657ef36323658542ef0adb703d90dc562c543787
e6a3f28a2cdb9332898e204fdab067a7ae3097a79c396c7d1add14b67afcbf9c
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7c9361b9ec9652844da5e286b6778f0fba514a3228d3597384744b651182bf2
e93053ca9da4e0f62eacf12657feb6acbe689e714eaa492e00f21a215c6e599d
eab318acc227a771f553c3cb6b26cc33b8559c776d99d1e48f298c633b53fc4f
eb45768de1e018a349f4a59d14fd3bca8c4dbd082cb24f744586dd5ee9147c75
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ed32d61ce99c149d2d7f8d723c4604a94b3d4b49dd655442eee8c2e525fe6334
edb7f93ebc40bc62aaa4320546c77849777b863337f1ea0edb2ff5c0c05778fc
ee7fcd9774648b1ad4c3f626c5f14d11665c5b2cc1677a1aaa020cb12991337f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34a3ad42d6d8666f875af08ad86fd1c6072b0b5fb8ae1fc297d69214b6c01d1
f4e5b25985c26f00e28ad7aa98c44e32b22bfeec3c95f8452ecf62e207658106
f643ed499751de274e8ad94ee3d7e78eb73e09af440cc5f63ec4e24fdd1e2542
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939
f8866a2e3d9a0379d0a84978a81b7f94c7c6143a8e3adb3fa7114f0b25d64718
f8ccf9b8b8999eebf5923cdad4d6fe3ebce5cf7e1c67e6c87aaedb2ce2edc7ba
fb6cef3eb76ec26c8bb8cb59e1ccf16d2facd9a1c387978948ce98664d2ca71f
fd4011fad5768e3e0acc913d90766c9cc5654c1a2952fb601195d29b1423b316
fef30923b42e21418b131694248e7dd55376159cac33cb19abbf4dc70140008f

cytoday.eu Open in urlscan Pro 148.251.165.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

299 Requests

90 %HTTPS

75 %IPv6

31 Domains

46 Subdomains

36 IPs

4 Countries

6354 kBTransfer

13906 kBSize

10 Cookies

5 Outgoing links

Redirected requests

299 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cytoday.eu Open in urlscan Pro
148.251.165.175 Public Scan

Screenshot
Live screenshot

Full Image

299
Requests

90 %
HTTPS

75 %
IPv6

31
Domains

46
Subdomains

36
IPs

4
Countries

6354 kB
Transfer

13906 kB
Size

10
Cookies

299 HTTP transactions
2 data transactions