hayamix.com Open in urlscan Pro
66.235.200.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.hayamix.com/
Effective URL:
https://hayamix.com/
Submission: On October 29 via manual (October 29th 2023, 8:03:32 am UTC) from SA — Scanned from DE

Summary HTTP 130 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 13 domains to perform 130 HTTP transactions. The main IP is 66.235.200.147, located in United States and belongs to CLOUDFLARENET, US. The main domain is hayamix.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 2nd 2023. Valid for: a year.

This is the only time hayamix.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 43	66.235.200.147 66.235.200.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:ca2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:81f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	158.69.254.144 158.69.254.144	16276 (OVH) (OVH)
2 18	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
130	20

43 66.235.200.147 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)
PTR: host77.ipowerweb.com

www.hayamix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hayamix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:ca2d (United States)

ASN13335 (CLOUDFLARENET, US)

data.almaydan.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:81f (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.254.144 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns548341.ip-158-69-254.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	hayamix.com 1 redirects www.hayamix.com hayamix.com	905 KB
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	480 KB
13	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	182 KB
13	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	149 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	63 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181 www.googleadservices.com — Cisco Umbrella Rank: 145	463 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	236 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552	51 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	118 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 14333 s4.histats.com — Cisco Umbrella Rank: 14235	5 KB
1	almaydan.net data.almaydan.net	435 B
130	13

	Domain	Requested by
42	hayamix.com	hayamix.com
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	hayamix.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	static.criteo.net	ads.eu.criteo.com
5	imageproxy.eu.criteo.net	ads.eu.criteo.com
4	www.googleadservices.com	hayamix.com googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	cdnjs.cloudflare.com	hayamix.com cdnjs.cloudflare.com
2	fonts.gstatic.com	fonts.googleapis.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	hayamix.com
1	data.almaydan.net	hayamix.com
1	www.hayamix.com	1 redirects
130	22

This site contains links to these domains. Also see Links.

Domain
www.coolshe.net
www.tknulji.com

Subject Issuer	Validity	Valid
hayamix.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-02` - `2024-11-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
almaydan.net GTS CA 1P5	`2023-09-15` - `2023-12-14`	3 months	crt.sh
histats.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://hayamix.com/
Frame ID: 630A29941D3756DDAF739AC92F2866D2
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html
Frame ID: 81DDC52E517D39008B6261EC90DFC1E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&adk=1812271804&adf=3025194257&lmt=1698525237&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fhayamix.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606137&bpp=4&bdt=272&idt=361&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=110782429223&frm=20&pv=2&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=401
Frame ID: 04E09216189D6E1ECEE097CABE091277
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2717762101&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606141&bpp=3&bdt=276&idt=401&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mhlt7w8DBC&p=https%3A//hayamix.com&dtd=406
Frame ID: B3C7C40BBB16736CAEF188DC0C8C5EF6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2113917864&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606144&bpp=1&bdt=280&idt=410&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VAyqg2Yu8N&p=https%3A//hayamix.com&dtd=413
Frame ID: EC358CF816A56CB7C7FFEED8FCB8CAA2
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT4RzgAI3ckI9lXzAAJU4VBvYgi7mvHUCokngQ&u=%7CaDUaw8pFRjVHb3Dj3DxW%2BhXoESpDT93bxzZnaFDKZUs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC860ZOzfSbC2FE70O6M26IJB0KXIRX9kUASnoTNDeqkkbIOZgHp-EK6HFGJwew_Wuo5JxFQm3UoyWi0D82rLsCWS6yxBpP7392wc0CdBaKpcOPH6VhI-ZhlA_U2hGCC4FYth8nk2qxqNGNlYYeOAQ_pER-mvHqs6FfCVmLjWXod_wLhNTqOkqybq5Z465P8aaW_ZVm3qAXDKjdnyu2ZUX63Cxobol4zZuopAyOtJsZwrbDDpjG9lmBmyGpFZVkvaXUP9f-zkvUeg9cK7CIA80CFbcClxIq_BTzOkYNHLZ3QmWZx-GyketqjOWDHvsMzOg4a8xQiyp-j2XXmC91Ef_h5A13lZAe9Vbodx_DIyDTzpoIX3aj7gOql8WFRT5zGyOocLU1JMJn8rrMipd0uNAzvswIUh42LlYzRiGziMjfClhX04RAi1wo4I8o0EUd1TqswnyGbnFB12w2GY9inkzFcL7KhPbxxQhJBNWlar2q6Lg0bqUOg957l3z1B8_FR_9kxHpqDglzwD3lLoFrFhtOeIgxoWsJNg59mk1-PySgtw6yGyBDxo6EC7E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo9tkzhE-Zcm7I_Or2fcP4amJyAjJntKxXMWMi-CaAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05MzEzNTAyMzk5MzM2ODI3yAEJqQK00IIZf7mxPqgDAcgDAqoE6QFP0KIarp5esYtm15i6Gbv2yO6IFrJ_Tc62chm-3NjMUjyGHLw6eC1ngeCVPjjnRw_sW9i7WUwlTCBvGJDYxvJRnKdb2vaz842Owz7AGFvDBA6-NlyAygOSmQBJVxk-P97q2JewoEFngNTEU5H2IfMittmX4EHytCwY8CJzB8ox2OZ1FzSRShjC6QF5pSFotQBDvRrti6ugbuJC6gWwhrLhIdnNekgxNHPIYFFYogDnhsbC6gjF9sQTV86AL8WfVgWRw92foqH5sIXPlU_6af0x-mrxrknep8dg7-NyNITo-mKo01RC7FzC44AGtsqS35-o2p6WAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QHKVsEVLIm-DwC6J5vDvq2-eIUg%26client%3Dca-pub-9313502399336827%26adurl%3D
Frame ID: 4C8EC7A11143008B537AA71FF7001AD2
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js
Frame ID: 8F48D519EEBF523484630955D9CE2AD5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4588E51D543DE63CF1BEB5AEFAEC7FD6
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1483385395D651ECF6B191FC56453B24
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CDC965357992DC1FF33669F12FB6A0B3
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 2EA6A63AD563C5CEC1874C077B10962F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8B083C4015158EA77E4C79356110DDD8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js
Frame ID: 487BA4552D69DA695DE2C1B5BC49C651
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js
Frame ID: B94D9A41B7DCED5C7BAAF08E4A5305F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DEC8EC0594D84D86673A2A0E6D0045B4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E3D0A3B87B487675A01F5058B415B16D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

الحياة مكس

Page URL History Show full URLs

https://www.hayamix.com/ HTTP 301
https://hayamix.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

130
Requests

98 %
HTTPS

79 %
IPv6

13
Domains

22
Subdomains

20
IPs

4
Countries

2193 kB
Transfer

4621 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.coolshe.net/
Title: كل شي

Search URL Search Domain Scan URL

URL: https://www.tknulji.com/
Title: تكنولوجي

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.hayamix.com/ HTTP 301
https://hayamix.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://googleads.g.doubleclick.net/pagead/adview?ai=CjaX8zhE-ZcWVI8zbzQbLl4aoAo3-_LRy97yi-uUR3NkeEAEg9pvBgAFglYKAgLAHoAGOwKTnAsgBCakCtNCCGX-5sT6oAwHIA8sEqgTzAU_Qyp-KIcOFeNzrB-okBwZkAme8oqtAnFd5PbISzIJw9a-cJCqHZqtdy8qVycTUoXqHZyhkWNRSFyeT6uiMiT2Bx-ih_EoZN-YXqe4F_f9jtUZUrbYpNkNSmhaq95FSt6LxbJ_oSzY-01yiqKQUyySBew8B8bUSJytK_KbhDwQH1DJ484-0Wf8JAMrYl5evCPmSGzfYJtHitD0ObA9rw6v6KeWxnFt-3K9QGev9XYiuC6O577AKCNln2kL53s13kaT2jA97Rl0nnwyut0nxel41Wq-QoIz4m0v1KnD7jndhaeJGuvsH1K0oM73MiyC7fexAo8AEtLWB4dcEiAXBrdmbTKAGLoAHsu22CagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEN7xBdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCbkBaHR0cHM6Ly93d3cuc2lnbmFsLWlkdW5hLmRlL2xlYmVuc3ZlcnNpY2hlcnVuZy9yaXNpa29sZWJlbnN2ZXJzaWNoZXJ1bmcvaW1tby5waHA_dXRtX21lZGl1bT1kaXNwbGF5JnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9jYW1wYWlnbj1nZG5fcmx2X3NxLWJmX3pnLWltbW9fZXgtb2huZS1yZGEmdXRtX2NvbnRlbnQ9b2huZS1yZGGACgHICwG4E-QD2BMDiBQB0BUBgBcBshccChoIABIUcHViLTkzMTM1MDIzOTkzMzY4MjcYAA&sigh=jKQXlrdDqXY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNDJeUwDN7BxP2W3rx1b5DLNr96wGOOK8p-16sscDIHqF918hxchlCMD__owFZjYQS8CtL01slpBYl1n2YcHWz7vI1M5p5EJwYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226035845929047822836%22,%22debug_reporting%22:true,%22destination%22:%22https://signal-iduna.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22753475598%22],%224%22:[%2210-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225201290869046762433%22}&andc=true

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://googleads.g.doubleclick.net/pagead/adview?ai=CjpNCzhE-ZaXhIseO2fcP3-6vmAi79KvYc5rR5cuKEtzZHhABIPabwYABYJXKn4KwB6AB7Nq-8gLIAQOpArTQghl_ubE-qAMByAPJBKoE7AFP0KIwNkdql-RzSfXmh5hwMMa3Xqu2HRUnILk6gGTeNza9qm1k8Wz6NxCH2cZksOza5_-kAsROLLdtgLG8yvZ-rMavM2R8sM9VIgVUgHdyVHLTUvOuj02nzi7crU9zZwl-qQeLR8h1bnqnwuAbx4s7yECeshZ7hB8Zi8i2ZBoqI8QD2l-vyGuu-KcnlUvsHGHtWKQiSudvA0Wkvc_7x3gxqGEbc6vDY_HcdlkpRLyLNFl0Ga9tLhwSTLOJMxm8D93GzYJQgJny2Iq5vV8175S-C9emYpVcaC_55YYry-XuUGT8EgPy-n-pquyDGMAEzrG33rsEiAXo0OaCTZIFBAgEGAGSBQQIBRgEoAYDgAf8pMGNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENStX9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCZ4BaHR0cHM6Ly9kYWNoLnRkc3lubmV4LmNvbS9kZS9ocC1rYW1wYWduZW53ZWx0L2h5YnJpZHdvcmsvP3V0bV9zb3VyY2U9QVotRGlyZWN0JnV0bV9tZWRpdW09R0ROX0Rpc3BsYXkmdXRtX2NhbXBhaWduPTIzUTRfREVfSHlicmlkX1dvcmtfSW50ZWxfdlByb19EaXN0cmlidXRpb26ACgHICwHYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItOTMxMzUwMjM5OTMzNjgyNxgA&sigh=FcI6uWQchPY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaN-PIMpUYhmdgRf3yjdHGtzVFg7-fqTyvPgR1WTtSigwviE3oYI9UjprknnkyAYOTOVn50ayhilpVSZBxrJjqIfcVd3ff2-xgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225313123043970218317%22,%22debug_reporting%22:true,%22destination%22:%22https://tdsynnex.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22776973676%22],%224%22:[%2210-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227935292812774600641%22}&andc=true

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

130 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hayamix.com/
Redirect Chain

https://www.hayamix.com/
https://hayamix.com/

56 KB
12 KB

588ms
512ms

Document
text/html

66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 85f58bcbb3750d6164121e5495736d947826f01ffd6f5ce06d139a141d6a7bb8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=7200
cf-cache-status: EXPIRED
cf-ray: 81d9e6e36ab5bb7a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Oct 2023 08:03:25 GMT
expires: Sun, 29 Oct 2023 10:03:25 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Sat, 28 Oct 2023 22:33:57 GMT
link: <https://hayamix.com/wp-json/>; rel="https://api.w.org/"
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
x-nginx-cache: WordPress

Redirect headers

cache-control: max-age=7200
cf-cache-status: MISS
cf-ray: 81d9e6df1fa99295-FRA
content-type: text/html; charset=UTF-8
date: Sun, 29 Oct 2023 08:03:25 GMT
expires: Sun, 29 Oct 2023 10:03:24 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
location: https://hayamix.com/
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-redirect-by: WordPress

GET
H2 200 style-rtl.min.css
hayamix.com/wp-includes/css/dist/block-library/ 102 KB
19 KB 37ms
33ms Stylesheet
text/css 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hayamix.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.3.2
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: c0f27ee92a26e2bbb2393e7695351be1c91d890492943f52cf18fcfd899666ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:25 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 02 Oct 2023 10:13:23 GMT
server: cloudflare
cf-cache-status: HIT
age: 4870
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 81d9e6e6beaebb7a-FRA
expires: Mon, 30 Oct 2023 06:42:15 GMT

GET
H2 200 screen.min.css
hayamix.com/wp-content/plugins/table-of-contents-plus/ 1 KB
523 B 59ms
55ms Stylesheet
text/css 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hayamix.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2309
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4870
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 458
x-nginx-cache: WordPress
last-modified: Mon, 02 Oct 2023 10:13:23 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81d9e6e6ceafbb7a-FRA
expires: Mon, 30 Oct 2023 06:42:15 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 58 KB
11 KB 69ms
24ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Requested by

Host: hayamix.com
URL: https://hayamix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4436620
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10491
last-modified: Thu, 22 Jun 2023 11:02:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3b-28fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXowkBjOL%2FdiwqRvcSWhqGow%2BElAaOfIZbhwDQwKPGZC5my4LmcbFpvHDNZmz3oqa0%2FMIlGVPOFuoxjoHJ0mTqnsrK4MRA8ONfpnFUd%2F5nIU9m6sZsJh3qWm3z7SH4Lv2D86jTsEWOqulTQqdMGR2%2B9u"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81d9e6e6fe988fe2-FRA
expires: Fri, 18 Oct 2024 08:03:25 GMT

GET
H2 200 bootstrap.rtl.min.css
hayamix.com/wp-content/themes/boxnews/assets/css/ 150 KB
34 KB 58ms
55ms Stylesheet
text/css 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hayamix.com/wp-content/themes/boxnews/assets/css/bootstrap.rtl.min.css
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 5b023b1d27287f33aa24ac8f77d5d5f2ca9688eba142a9656927bbd778894614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:25 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 02 Oct 2023 10:13:23 GMT
server: cloudflare
cf-cache-status: HIT
age: 4870
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 81d9e6e6ceb0bb7a-FRA
expires: Mon, 30 Oct 2023 06:42:15 GMT

GET
H2 200 style.css
hayamix.com/wp-content/themes/boxnews/ 41 KB
11 KB 57ms
53ms Stylesheet
text/css 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hayamix.com/wp-content/themes/boxnews/style.css?ver=36.00
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: fa84561c598f21cdd13cbf75c93f79b7078c282f78ef0243badea2f970c8eb44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4870
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 11637
x-nginx-cache: WordPress
last-modified: Mon, 02 Oct 2023 10:13:22 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81d9e6e6ceb1bb7a-FRA
expires: Mon, 30 Oct 2023 06:42:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 140ms
82ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9313502399336827

Requested by

Host: hayamix.com
URL: https://hayamix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48bf50c412bc17d7c860de747a658522c9902239f3014b23237b00e2a6e3a082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayamix.com/
Origin: https://hayamix.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51649
x-xss-protection: 0
server: cafe
etag: 2810481394299783821
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 08:03:26 GMT

GET
H2 200 hylogo-1.png
hayamix.com/wp-content/uploads/2023/10/ 42 KB
43 KB 37ms
34ms Image
image/png 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/hylogo-1.png
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 40d3a6139558c67a487d2364ea565655ec5fc546c9ae2c6381e4458e6075dacc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:25 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 19:15:11 GMT
server: cloudflare
age: 220
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 81d9e6e6ceb3bb7a-FRA
content-length: 43401

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 77ms
33ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: hayamix.com
URL: https://hayamix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1923861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DlJ7GHzf8U6Nzm%2F8iPXzy8DR%2BtfUWbeNBAKp%2FK0RsgRzv4W%2BL6jbm6XyUhXkY5rik9OoNFAPyRc0qQVSH2bv7zAPyHUXvx1MllxejYIYxyGdYkxIEvtG9H3VYN%2Br6U96SXUNfMP8%2FH2g6JmotJbACrs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81d9e6e6fe9b8fe2-FRA
expires: Fri, 18 Oct 2024 08:03:25 GMT

GET
H2 200 front.min.js Show response
hayamix.com/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 42ms
39ms Script
application/javascript 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hayamix.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2309
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 220
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2588
x-nginx-cache: WordPress
last-modified: Mon, 02 Oct 2023 10:13:21 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81d9e6e71f0ebb7a-FRA
expires: Mon, 30 Oct 2023 07:59:45 GMT

GET
H2 200 style.js Show response
hayamix.com/wp-content/themes/boxnews/assets/js/ 7 KB
2 KB 37ms
36ms Script
application/javascript 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hayamix.com/wp-content/themes/boxnews/assets/js/style.js?ver=36.00
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: e4b989097fdac78716f7b617f895b9856d9ae2526a6c0e5b7bee77ed850155f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 219
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2010
x-nginx-cache: WordPress
last-modified: Mon, 02 Oct 2023 10:13:22 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81d9e6e73f36bb7a-FRA
expires: Mon, 30 Oct 2023 07:59:46 GMT

GET
H2 200 jquery9.php Show response
data.almaydan.net/script/mix/ 0
435 B 510ms
347ms Script
text/javascript 2606:4700:3037::ac43:ca2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.almaydan.net/script/mix/jquery9.php?h=0&w=yx&i=yx-yt-3a&md=on&cd=iv&n=1
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ca2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aw4up7umP%2Fnp50Kp%2FBmMS6Qi7MTcJlu3LWdkzVkYj3aw3vMhDrjKMvBwr6W%2BXHDoL5OhZe7m%2F2FFRCw%2ByuBWhq950o8dz8rd9HeT37UEciUgzf0Lmzilkx8KP%2FqSQ6Ox%2BIBxFbUxAoNnAFNetE7QMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cf-ray: 81d9e6e83d8d9bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
BLOB 200
OK 3c777dad-4eea-4086-b632-b8bd37cd9446
https://hayamix.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hayamix.com/3c777dad-4eea-4086-b632-b8bd37cd9446
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 106ms
31ms Script
text/javascript 2606:4700:10::6814:81f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 57789
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 81d9e6e7ade85c1a-FRA
content-length: 4547

GET
H2 200 %D8%AF%D8%B9%D8%A7%D8%A1-%D9%84%D8%A3%D9%87%D9%84-%D9%81%D9%84%D8%B3%D8%B7%D9%8A%D9%86-%D9%82%D8%B5%D9%8A%D8%B1-%D9%85%D9%83%D8%AA%D9%88%D8%A8-360x358.jpg
hayamix.com/wp-content/uploads/2023/10/ 38 KB
38 KB 58ms
42ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/%D8%AF%D8%B9%D8%A7%D8%A1-%D9%84%D8%A3%D9%87%D9%84-%D9%81%D9%84%D8%B3%D8%B7%D9%8A%D9%86-%D9%82%D8%B5%D9%8A%D8%B1-%D9%85%D9%83%D8%AA%D9%88%D8%A8-360x358.jpg?v=1697532815
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: ac15297fc61b30297c7538ae2f1c2976b45388ab42dca34d0250242316fd96ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:25 GMT
cf-cache-status: HIT
age: 4869
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 39157
x-nginx-cache: WordPress
cf-bgj: h2pri
last-modified: Tue, 17 Oct 2023 08:53:35 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81d9e6e75f58bb7a-FRA
expires: Mon, 30 Oct 2023 06:42:16 GMT

GET
H2 200 download-4-1.jpg
hayamix.com/wp-content/uploads/2023/10/ 7 KB
7 KB 62ms
46ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/download-4-1.jpg?v=1696848379
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 48a192b936f3e3b9362759391003c88bcbd9adad3101e8a45b3f91862fe4e040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:25 GMT
cf-cache-status: HIT
age: 4870
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7161
x-nginx-cache: WordPress
cf-bgj: h2pri
last-modified: Mon, 09 Oct 2023 10:46:19 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81d9e6e75f5abb7a-FRA
expires: Mon, 30 Oct 2023 06:42:15 GMT

GET
H2 200 download-1.png
hayamix.com/wp-content/uploads/2023/10/ 35 KB
35 KB 60ms
45ms Image
image/png 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/download-1.png?v=1696847723
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 3f79b15b5ce19ed10706bb70c715c56b2bb050ab477fd0b217208484946023db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:25 GMT
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 10:35:23 GMT
server: cloudflare
cf-cache-status: HIT
age: 4870
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e75f5dbb7a-FRA
content-length: 35773
expires: Mon, 30 Oct 2023 06:42:15 GMT

GET
H2 200 download-3-2.jpg
hayamix.com/wp-content/uploads/2023/10/ 20 KB
20 KB 63ms
47ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/download-3-2.jpg?v=1696847180
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 2e94a354042fc69b62c5ee4a2d581240bc79100d874c6ef42c64de406e83f156

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:25 GMT
cf-cache-status: HIT
age: 4870
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 20741
x-nginx-cache: WordPress
cf-bgj: h2pri
last-modified: Mon, 09 Oct 2023 10:26:20 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81d9e6e75f5ebb7a-FRA
expires: Mon, 30 Oct 2023 06:42:15 GMT

GET
H2 200 download-2-2.jpg
hayamix.com/wp-content/uploads/2023/10/ 14 KB
14 KB 219ms
204ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/download-2-2.jpg?v=1696846550
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 803a2534e98d9a332c7a23ed6bf9c202e9bf6c37f75de79ba9f54c891051dc1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 10:15:50 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e75f60bb7a-FRA
content-length: 14638
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 download-1-3.jpg
hayamix.com/wp-content/uploads/2023/10/ 10 KB
10 KB 220ms
205ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/download-1-3.jpg?v=1696845996
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 278072f4f65d087983bd378634400dbfd5ebc5d8e3c03a8bc4f9c47e067546f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 10:06:36 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e75f61bb7a-FRA
content-length: 10329
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 MP_endo_liverpool_vs_machida_union-360x360.webp
hayamix.com/wp-content/uploads/2023/10/ 24 KB
24 KB 226ms
211ms Image
image/webp 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/MP_endo_liverpool_vs_machida_union-360x360.webp
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 4adc1c7d07631d732d6e14739cdbf5cdcdfae85aec38dc80a1b2e35d4bc84f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Thu, 05 Oct 2023 08:59:03 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/webp
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e75f62bb7a-FRA
content-length: 24622
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 images-5.jpg
hayamix.com/wp-content/uploads/2023/10/ 10 KB
10 KB 258ms
243ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/images-5.jpg?v=1696495998
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: e810285c7adae72cc14f297960620cae623b8bb8f7df01c8c80f0b539cf3007e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Thu, 05 Oct 2023 08:53:18 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e75f64bb7a-FRA
content-length: 9969
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D8%A7%D9%84%D8%A7%D8%B3%D8%AA%D8%B9%D9%84%D8%A7%D9%85-%D8%B9%D9%86-%D8%A7%D9%84%D8%B4%D9%87%D8%A7%D8%AF%D8%A9-%D8%A7%D9%84%D8%B5%D8%AD%D9%8A%D8%A9-%D8%A8%D8%B1%D9%82%D9%85-%D8%A7%D9%84%D9%87%D9%88...
hayamix.com/wp-content/uploads/2023/10/ 11 KB
11 KB 249ms
235ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/%D8%A7%D9%84%D8%A7%D8%B3%D8%AA%D8%B9%D9%84%D8%A7%D9%85-%D8%B9%D9%86-%D8%A7%D9%84%D8%B4%D9%87%D8%A7%D8%AF%D8%A9-%D8%A7%D9%84%D8%B5%D8%AD%D9%8A%D8%A9-%D8%A8%D8%B1%D9%82%D9%85-%D8%A7%D9%84%D9%87%D9%88%D9%8A%D8%A9-360x360.jpg?v=1696494820
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: e170f66bc5df509ce08eb7341a2839cdadfd157b45f1e2384e6026de7877c571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Thu, 05 Oct 2023 08:33:40 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e75f66bb7a-FRA
content-length: 11426
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 download.png
hayamix.com/wp-content/uploads/2023/10/ 45 KB
45 KB 300ms
286ms Image
image/png 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/download.png?v=1696494687
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 4c3d89219f70b6a1fdea80ea89ce8a0ad80c2b73106b36747937f17e0a135d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Thu, 05 Oct 2023 08:31:27 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f84bb7a-FRA
content-length: 45707
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 download-9.jpg
hayamix.com/wp-content/uploads/2023/10/ 9 KB
9 KB 231ms
217ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/download-9.jpg?v=1696494183
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 1b560b9ed7667764ca4ca77dc706ef6df9bfbabab7709e898e0812ee7b7afcb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Thu, 05 Oct 2023 08:23:03 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f86bb7a-FRA
content-length: 9594
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D9%85%D9%86-%D8%AA%D8%B9%D8%A7%D8%B1-%D9%85%D9%86-%D8%A7%D9%84%D9%84%D9%8A%D9%84-%D8%AF%D8%B9%D8%A7%D8%A1-%D8%A7%D9%84%D8%AA%D8%B9%D8%A7%D8%B1-%D9%85%D9%86-%D8%A7%D9%84%D9%84%D9%8A%D9%84-360x360.jpg
hayamix.com/wp-content/uploads/2023/10/ 28 KB
28 KB 278ms
265ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/%D9%85%D9%86-%D8%AA%D8%B9%D8%A7%D8%B1-%D9%85%D9%86-%D8%A7%D9%84%D9%84%D9%8A%D9%84-%D8%AF%D8%B9%D8%A7%D8%A1-%D8%A7%D9%84%D8%AA%D8%B9%D8%A7%D8%B1-%D9%85%D9%86-%D8%A7%D9%84%D9%84%D9%8A%D9%84-360x360.jpg?v=1696485454
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 592b708a380d1753e4e21a1cbca99eb6543aa8f8363f664a46b11e2b2a8c756e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Thu, 05 Oct 2023 05:57:34 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f88bb7a-FRA
content-length: 28871
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D9%85%D8%A7%D8%B0%D8%A7-%D9%8A%D8%AD%D8%AF%D8%AB-%D9%81%D9%8A-%D9%85%D8%B7%D8%B1%D9%88%D8%AD-%D8%A7%D9%84%D8%A7%D9%86-360x360.jpg
hayamix.com/wp-content/uploads/2023/10/ 18 KB
18 KB 332ms
319ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/%D9%85%D8%A7%D8%B0%D8%A7-%D9%8A%D8%AD%D8%AF%D8%AB-%D9%81%D9%8A-%D9%85%D8%B7%D8%B1%D9%88%D8%AD-%D8%A7%D9%84%D8%A7%D9%86-360x360.jpg?v=1696476333
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: fae7df6760f284dfa8cf06ecfa5e98b46042c68e52c1a0dafdfd4316c580ae83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Thu, 05 Oct 2023 03:25:33 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f8abb7a-FRA
content-length: 18103
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D8%A7%D9%84%D9%81%D8%B1%D9%82-%D8%A8%D9%8A%D9%86-%D8%A7%D9%84%D8%A7%D8%AE%D8%AA%D8%B1%D8%A7%D9%82-%D8%A7%D9%84%D8%A3%D9%85%D9%86%D9%8A-%D9%88%D8%A7%D9%84%D9%87%D8%AC%D9%85%D8%A7%D8%AA-%D8%A7%D9%84...
hayamix.com/wp-content/uploads/2023/10/ 25 KB
25 KB 336ms
323ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/%D8%A7%D9%84%D9%81%D8%B1%D9%82-%D8%A8%D9%8A%D9%86-%D8%A7%D9%84%D8%A7%D8%AE%D8%AA%D8%B1%D8%A7%D9%82-%D8%A7%D9%84%D8%A3%D9%85%D9%86%D9%8A-%D9%88%D8%A7%D9%84%D9%87%D8%AC%D9%85%D8%A7%D8%AA-%D8%A7%D9%84%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9-360x360.jpg?v=1696454477
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 532001c91647680a9170fdf732faffeae9330ed9f8c4eae560775c384141402a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 21:21:17 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f8bbb7a-FRA
content-length: 25978
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D8%AA%D8%B1%D8%AF%D8%AF-%D9%82%D9%86%D8%A7%D8%A9-%D9%86%D8%A7%D8%B4%D9%8A%D9%88%D9%86%D8%A7%D9%84-%D8%AC%D9%8A%D9%88%D8%BA%D8%B1%D8%A7%D9%81%D9%8A%D9%83-National-Geographic-2023-%D8%B9%D9%84%D9%89...
hayamix.com/wp-content/uploads/2022/10/ 14 KB
14 KB 314ms
302ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2022/10/%D8%AA%D8%B1%D8%AF%D8%AF-%D9%82%D9%86%D8%A7%D8%A9-%D9%86%D8%A7%D8%B4%D9%8A%D9%88%D9%86%D8%A7%D9%84-%D8%AC%D9%8A%D9%88%D8%BA%D8%B1%D8%A7%D9%81%D9%8A%D9%83-National-Geographic-2023-%D8%B9%D9%84%D9%89-%D8%AC%D9%85%D9%8A%D8%B9-%D8%A7%D9%84%D8%A3%D9%82%D9%85%D8%A7%D8%B1-%D8%A7%D9%84%D8%B5%D9%86%D8%A7%D8%B9%D9%8A%D8%A9-360x360.jpg?v=1696452945
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: dfa0b4811a1891004840b5dc8291ee197f69db5aed89d559c867ad0f9f046e23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 20:55:45 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f8cbb7a-FRA
content-length: 14424
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D9%83%D9%8A%D9%81%D9%8A%D8%A9-%D8%A7%D9%84%D8%AA%D8%B3%D8%AC%D9%8A%D9%84-%D9%81%D9%8A-%D8%A7%D9%84%D9%84%D9%88%D8%AA%D8%B1%D9%8A-%D8%A7%D9%84%D8%A3%D9%85%D8%B1%D9%8A%D9%83%D9%8A-.%D8%B4%D8%B1%D9%8...
hayamix.com/wp-content/uploads/2021/09/ 19 KB
20 KB 332ms
320ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2021/09/%D9%83%D9%8A%D9%81%D9%8A%D8%A9-%D8%A7%D9%84%D8%AA%D8%B3%D8%AC%D9%8A%D9%84-%D9%81%D9%8A-%D8%A7%D9%84%D9%84%D9%88%D8%AA%D8%B1%D9%8A-%D8%A7%D9%84%D8%A3%D9%85%D8%B1%D9%8A%D9%83%D9%8A-.%D8%B4%D8%B1%D9%88%D8%B7-%D8%A7%D9%84%D8%AA%D8%B3%D8%AC%D9%8A%D9%84-%D9%81%D9%8A-%D8%A7%D9%84%D9%82%D8%B1%D8%B9%D8%A9-2023-360x360.jpg?v=1696437086
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: cc7fda04e809c97a626a735f9a44b494b2cb2ae0992886a9b005676f61a0482c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 16:31:26 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f8ebb7a-FRA
content-length: 19785
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D9%85%D9%88%D8%B9%D8%AF-%D8%A7%D9%84%D8%AA%D8%B3%D8%AC%D9%8A%D9%84-%D9%81%D9%8A-%D8%A7%D9%84%D9%82%D8%B1%D8%B9%D8%A9-%D8%A7%D9%84%D8%B9%D8%B4%D9%88%D8%A7%D8%A6%D9%8A%D8%A9.-%D8%AE%D8%B7%D9%88%D8%A...
hayamix.com/wp-content/uploads/2021/10/ 20 KB
20 KB 679ms
668ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2021/10/%D9%85%D9%88%D8%B9%D8%AF-%D8%A7%D9%84%D8%AA%D8%B3%D8%AC%D9%8A%D9%84-%D9%81%D9%8A-%D8%A7%D9%84%D9%82%D8%B1%D8%B9%D8%A9-%D8%A7%D9%84%D8%B9%D8%B4%D9%88%D8%A7%D8%A6%D9%8A%D8%A9.-%D8%AE%D8%B7%D9%88%D8%A7%D8%AA-%D8%A7%D9%84%D8%AA%D9%82%D8%AF%D9%8A%D9%85-%D9%81%D9%8A-%D8%A7%D9%84%D9%84%D9%88%D8%AA%D8%B1%D9%8A-%D8%A7%D9%84%D8%A3%D9%85%D8%B1%D9%8A%D9%83%D9%8A-360x360.jpg?v=1696435187
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 8eacc47c5a14459f168cd9c0114c92c8b483633cd009eb9be0dd7dc5fed1505a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 15:59:47 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f90bb7a-FRA
content-length: 20632
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D8%A7%D9%84%D8%AA%D9%82%D8%AF%D9%8A%D9%85-%D9%81%D9%8A-%D8%A7%D9%84%D9%84%D9%88%D8%AA%D8%B1%D9%8A2024.jpg
hayamix.com/wp-content/uploads/2022/10/ 102 KB
102 KB 511ms
500ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2022/10/%D8%A7%D9%84%D8%AA%D9%82%D8%AF%D9%8A%D9%85-%D9%81%D9%8A-%D8%A7%D9%84%D9%84%D9%88%D8%AA%D8%B1%D9%8A2024.jpg
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: c4fbe66aaeb9d93b93884701b5cb8835e6e003c0a12f81325aea0f721ff1cf45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Mon, 02 Oct 2023 10:11:08 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f91bb7a-FRA
content-length: 104076
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D9%83%D9%84%D9%85%D8%A9-%D8%B9%D9%86-%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D9%85%D8%B9%D9%84%D9%85-%D9%85%D9%82%D8%AF%D9%85%D8%A9-%D8%A5%D8%B0%D8%A7%D8%B9%D8%A9-%D8%B9%D9%86-%D9%8A%D9%88%D9%85-%D8%A7%D9...
hayamix.com/wp-content/uploads/2023/10/ 27 KB
27 KB 314ms
304ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/%D9%83%D9%84%D9%85%D8%A9-%D8%B9%D9%86-%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D9%85%D8%B9%D9%84%D9%85-%D9%85%D9%82%D8%AF%D9%85%D8%A9-%D8%A5%D8%B0%D8%A7%D8%B9%D8%A9-%D8%B9%D9%86-%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D9%85%D8%B9%D9%84%D9%85-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A-360x336.jpg?v=1696432311
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 78cae80e23b0905c19eb2cd455865fdebdf02eef45b500c2e932d93e2e8797be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 15:11:51 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f94bb7a-FRA
content-length: 27540
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D9%85%D9%86-%D9%87%D9%88-%D8%A7%D9%84%D9%85%D9%85%D8%AB%D9%84-%D9%87%D8%B4%D8%A7%D9%85-%D8%B9%D8%A8%D8%AF-%D8%A7%D9%84%D9%84%D9%87-%D8%B2%D9%88%D8%AC-%D8%A7%D9%84%D9%86%D8%A7%D8%B4%D8%B7%D8%A9-%D8...
hayamix.com/wp-content/uploads/2023/10/ 14 KB
14 KB 317ms
306ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/%D9%85%D9%86-%D9%87%D9%88-%D8%A7%D9%84%D9%85%D9%85%D8%AB%D9%84-%D9%87%D8%B4%D8%A7%D9%85-%D8%B9%D8%A8%D8%AF-%D8%A7%D9%84%D9%84%D9%87-%D8%B2%D9%88%D8%AC-%D8%A7%D9%84%D9%86%D8%A7%D8%B4%D8%B7%D8%A9-%D8%A7%D9%84%D8%B3%D9%8A%D8%A7%D8%B3%D9%8A%D8%A9-%D8%BA%D8%A7%D8%AF%D8%A9-%D9%86%D8%AC%D9%8A%D8%A8-360x360.jpg?v=1696422145
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: b688686218e31f16ef1fb79bcda33086b741ed599d3c5221a8457cd4d0ba1ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 12:22:25 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f96bb7a-FRA
content-length: 14213
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 751-360x338.webp
hayamix.com/wp-content/uploads/2023/10/ 9 KB
9 KB 307ms
296ms Image
image/webp 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/751-360x338.webp
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: abe1559ad78d35ccaa5475daff1dc24fa2586e6ffd9853228e74b9c09e4de367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 10:49:06 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/webp
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f97bb7a-FRA
content-length: 9366
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 download-8.jpg
hayamix.com/wp-content/uploads/2023/10/ 18 KB
18 KB 306ms
295ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/download-8.jpg?v=1696415212
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 000db428843e05013dbee91711992d7965ba154ec84071cce778a801f6700c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 10:26:52 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f99bb7a-FRA
content-length: 18012
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 download-7.jpg
hayamix.com/wp-content/uploads/2023/10/ 6 KB
7 KB 264ms
254ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/download-7.jpg?v=1696414790
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 4de1c225aaae2a9c6db51c7275223fd7d8b2b5d0875da2a1feba43ebcab4ce92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 10:19:50 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f9abb7a-FRA
content-length: 6606
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 download-6.jpg
hayamix.com/wp-content/uploads/2023/10/ 13 KB
13 KB 660ms
650ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/download-6.jpg?v=1696414569
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: cc797eb21846081edec317ea96736cefaee62411145577bcb1150f7b463bdbeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 10:16:09 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f9cbb7a-FRA
content-length: 13470
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 download-5.jpg
hayamix.com/wp-content/uploads/2023/10/ 11 KB
11 KB 315ms
305ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/download-5.jpg?v=1696414293
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 0cc7854dafea07cab7907165035839f3b6c280de497ed681912da724779d2c10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 10:11:33 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f9dbb7a-FRA
content-length: 11410
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D8%AE%D8%AF%D9%85%D8%A9-%D8%A8%D8%AF%D9%84-%D8%AA%D8%B1%D8%AD%D9%8A%D9%84-%D9%81%D9%8A-%D9%86%D8%B8%D8%A7%D9%85-%D9%81%D8%A7%D8%B1%D8%B3-1445-360x251-1.webp
hayamix.com/wp-content/uploads/2023/10/ 3 KB
3 KB 319ms
309ms Image
image/webp 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/%D8%AE%D8%AF%D9%85%D8%A9-%D8%A8%D8%AF%D9%84-%D8%AA%D8%B1%D8%AD%D9%8A%D9%84-%D9%81%D9%8A-%D9%86%D8%B8%D8%A7%D9%85-%D9%81%D8%A7%D8%B1%D8%B3-1445-360x251-1.webp
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: b8adb506628a2366db9423750a866811ed5661c7123539abd88a7c2375af04a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 10:04:53 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/webp
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77f9fbb7a-FRA
content-length: 3222
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D9%86%D8%B8%D8%A7%D9%85-%D9%81%D8%A7%D8%B1%D8%B3-%D8%AA%D8%B9%D8%B1%D9%8A%D9%81-%D8%A8%D8%A7%D9%84%D8%B1%D8%A7%D8%AA%D8%A8-%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF-1445-sshr.moe_.gov_.sa-%D8%A7%D9%84%...
hayamix.com/wp-content/uploads/2023/10/ 14 KB
14 KB 230ms
220ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/%D9%86%D8%B8%D8%A7%D9%85-%D9%81%D8%A7%D8%B1%D8%B3-%D8%AA%D8%B9%D8%B1%D9%8A%D9%81-%D8%A8%D8%A7%D9%84%D8%B1%D8%A7%D8%AA%D8%A8-%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF-1445-sshr.moe_.gov_.sa-%D8%A7%D9%84%D8%AE%D8%AF%D9%85%D8%A9-%D8%A7%D9%84%D8%B0%D8%A7%D8%AA%D9%8A%D8%A9-360x360.jpg?v=1696413589
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: df332409e3397b049fcc1ccb16e6789d2371350ef494a38ebd695fdfc0f7841c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 09:59:49 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77fa0bb7a-FRA
content-length: 14192
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 download-4.jpg
hayamix.com/wp-content/uploads/2023/10/ 14 KB
15 KB 316ms
307ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/download-4.jpg?v=1696413493
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 0231a4a35d9eab0149b0d0a42026cec218ec7980057db6562b517baad31be5af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 09:58:13 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77fa2bb7a-FRA
content-length: 14776
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 download-3-1.jpg
hayamix.com/wp-content/uploads/2023/10/ 10 KB
10 KB 291ms
282ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/download-3-1.jpg?v=1696410775
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 0f6637b41a216b9c0f8c58f66ef8147fec1f6c83940b060c26172cf83ffdb436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 09:12:55 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77fa3bb7a-FRA
content-length: 10119
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D8%BA%D8%A7%D8%AF%D8%A9-%D9%86%D8%AC%D9%8A%D8%A8-360x360.jpg
hayamix.com/wp-content/uploads/2023/10/ 23 KB
23 KB 302ms
292ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/%D8%BA%D8%A7%D8%AF%D8%A9-%D9%86%D8%AC%D9%8A%D8%A8-360x360.jpg?v=1696409027
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: f05ff05bcab29f7333d215c8c711ec65aa09aa402f5d798b46b5c8b727b58ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 08:43:47 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77fa5bb7a-FRA
content-length: 23042
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D8%B3%D8%A8%D8%A8-%D8%A7%D9%84%D9%82%D8%A8%D8%B6-%D8%B9%D9%84%D9%8A-%D8%A8%D8%AF%D8%B1-%D8%A8%D9%86-%D8%B9%D8%A8%D8%AF%D8%A7%D9%84%D9%84%D9%87-360x360.jpg
hayamix.com/wp-content/uploads/2023/10/ 29 KB
29 KB 280ms
271ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/%D8%B3%D8%A8%D8%A8-%D8%A7%D9%84%D9%82%D8%A8%D8%B6-%D8%B9%D9%84%D9%8A-%D8%A8%D8%AF%D8%B1-%D8%A8%D9%86-%D8%B9%D8%A8%D8%AF%D8%A7%D9%84%D9%84%D9%87-360x360.jpg?v=1696408506
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 3d4e92e13e127db5d26835a9ce4eee93761e58e0203aa48c35b65bc86c7307ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 08:35:06 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77fa6bb7a-FRA
content-length: 29992
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 %D8%AA%D8%B1%D8%AF%D8%AF-%D9%82%D9%86%D9%88%D8%A7%D8%AA-%D8%A7%D9%84%D8%A3%D8%B7%D9%81%D8%A7%D9%84-%D8%B9%D9%84%D9%89-%D8%AC%D9%85%D9%8A%D8%B9-%D8%A7%D9%84%D8%A3%D9%82%D9%85%D8%A7%D8%B1-%D8%A7%D9%8...
hayamix.com/wp-content/uploads/2023/10/ 28 KB
28 KB 243ms
233ms Image
image/jpeg 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayamix.com/wp-content/uploads/2023/10/%D8%AA%D8%B1%D8%AF%D8%AF-%D9%82%D9%86%D9%88%D8%A7%D8%AA-%D8%A7%D9%84%D8%A3%D8%B7%D9%81%D8%A7%D9%84-%D8%B9%D9%84%D9%89-%D8%AC%D9%85%D9%8A%D8%B9-%D8%A7%D9%84%D8%A3%D9%82%D9%85%D8%A7%D8%B1-%D8%A7%D9%84%D8%B5%D9%86%D8%A7%D8%B9%D9%8A%D8%A9-360x360.jpg?v=1696408200
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 1467673dd0eb38b9c27e0f80806fac828438c66e3ad111f09db4d6a04084902f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 04 Oct 2023 08:30:00 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 81d9e6e77fa8bb7a-FRA
content-length: 28260
expires: Mon, 30 Oct 2023 08:03:26 GMT

GET
H2 200 Greta_Arabic_Regular.otf
hayamix.com/wp-content/themes/boxnews/assets/fonts/ 376 KB
102 KB 53ms
44ms Font
font/otf 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hayamix.com/wp-content/themes/boxnews/assets/fonts/Greta_Arabic_Regular.otf
Requested by: Host: hayamix.com
URL: https://hayamix.com/wp-content/themes/boxnews/style.css?ver=36.00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 5d791ce5dac426e6f09e019b704a5bb8d7bba3da761c1a54d9c506760682ddc8

Request headers

Referer: https://hayamix.com/wp-content/themes/boxnews/style.css?ver=36.00
Origin: https://hayamix.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:25 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 02 Oct 2023 10:13:23 GMT
server: cloudflare
cf-cache-status: HIT
age: 4870
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: font/otf
cache-control: max-age=86400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 81d9e6e75f55bb7a-FRA
expires: Mon, 30 Oct 2023 06:42:15 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 78 KB
79 KB 82ms
43ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://hayamix.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3771676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80300
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-139ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByGZ6YC3yM6EmqphsHy9J4NjxzP99TNtIQ5n3CqQ1n1ESQgWVIEzUoK%2FCJ9zx51SSeIVK8rf2W1TaxVzE4fvP%2FeKQfIQEFlqpwODcct8jMf02cKvyK29JWC5EOGammBotEXhqReUyxgwBWhA2lVDORZg"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81d9e6e79fd0bbdd-FRA
expires: Fri, 18 Oct 2024 08:03:26 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 114 B
249 B 349ms
114ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3239351&@f16&@g1&@h1&@i1&@j1698566606051&@k0&@l1&@m%D8%A7%D9%84%D8%AD%D9%8A%D8%A7%D8%A9%20%D9%85%D9%83%D8%B3&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-112735133&@b3:1698566606&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fhayamix.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 85838e919557cbd4bf490dbe8bc20e79654b9507dd6b2c5034c0438fadd8be6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sun, 29 Oct 2023 08:03:26 GMT
Connection: close
Content-Length: 114
Content-Type: text/html;charset=UTF-8

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/ 396 KB
134 KB 143ms
101ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9313502399336827&plah=hayamix.com&bust=31079247

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9313502399336827

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea112c1ece8849c04476af104f88caa59db145b37b50d2d60668e1c80b5c9eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137531
x-xss-protection: 0
server: cafe
etag: 5075598225200003601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 08:03:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/ Frame 81DD 10 KB
5 KB 74ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9313502399336827

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayamix.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 13:11:44 GMT
etag: 4569948109300706969
expires: Sat, 11 Nov 2023 13:11:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 wp-emoji-release.min.js Show response
hayamix.com/wp-includes/js/ 18 KB
5 KB 36ms
35ms Script
application/javascript 66.235.200.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hayamix.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by: Host: hayamix.com
URL: https://hayamix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4870
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5344
x-nginx-cache: WordPress
last-modified: Mon, 02 Oct 2023 10:13:22 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 81d9e6ea8b3bbb7a-FRA
expires: Mon, 30 Oct 2023 06:42:16 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
463 B 29ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hayamix.com&callback=_gfp_s_&client=ca-pub-9313502399336827

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9313502399336827&plah=hayamix.com&bust=31079247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74afb570c39a56918e583f754f3578804889cd9d0255f33db957d7fb503fe57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 04E0 311 KB
78 KB 1011ms
1009ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&adk=1812271804&adf=3025194257&lmt=1698525237&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fhayamix.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606137&bpp=4&bdt=272&idt=361&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=110782429223&frm=20&pv=2&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=401

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be7d912e0d2a1674d372b0c062fa6d42d521707b7ea03790a291f5f20f429862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayamix.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 79903
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 08:03:27 GMT
expires: Sun, 29 Oct 2023 08:03:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B3C7 125 KB
42 KB 560ms
560ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2717762101&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606141&bpp=3&bdt=276&idt=401&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mhlt7w8DBC&p=https%3A//hayamix.com&dtd=406

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e0f8a2d6b1f26b0f612be1c020ba44cb6fbadcff5709fd0dd9a44ef56cab099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayamix.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43041
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 08:03:27 GMT
expires: Sun, 29 Oct 2023 08:03:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC35 35 KB
14 KB 340ms
340ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2113917864&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606144&bpp=1&bdt=280&idt=410&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VAyqg2Yu8N&p=https%3A//hayamix.com&dtd=413

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0aabd5081b6e6c37d719e674b709dfbc3f6227d6fa06201429bfeb66122e66cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayamix.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14539
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 08:03:26 GMT
expires: Sun, 29 Oct 2023 08:03:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame EC35 3 KB
2 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2113917864&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606144&bpp=1&bdt=280&idt=410&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VAyqg2Yu8N&p=https%3A//hayamix.com&dtd=413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 21:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 21:42:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame EC35 20 KB
8 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 02:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 02:48:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC35 187 KB
59 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Oct 2023 08:03:26 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4C8E 153 KB
51 KB 174ms
95ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT4RzgAI3ckI9lXzAAJU4VBvYgi7mvHUCokngQ&u=%7CaDUaw8pFRjVHb3Dj3DxW%2BhXoESpDT93bxzZnaFDKZUs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC860ZOzfSbC2FE70O6M26IJB0KXIRX9kUASnoTNDeqkkbIOZgHp-EK6HFGJwew_Wuo5JxFQm3UoyWi0D82rLsCWS6yxBpP7392wc0CdBaKpcOPH6VhI-ZhlA_U2hGCC4FYth8nk2qxqNGNlYYeOAQ_pER-mvHqs6FfCVmLjWXod_wLhNTqOkqybq5Z465P8aaW_ZVm3qAXDKjdnyu2ZUX63Cxobol4zZuopAyOtJsZwrbDDpjG9lmBmyGpFZVkvaXUP9f-zkvUeg9cK7CIA80CFbcClxIq_BTzOkYNHLZ3QmWZx-GyketqjOWDHvsMzOg4a8xQiyp-j2XXmC91Ef_h5A13lZAe9Vbodx_DIyDTzpoIX3aj7gOql8WFRT5zGyOocLU1JMJn8rrMipd0uNAzvswIUh42LlYzRiGziMjfClhX04RAi1wo4I8o0EUd1TqswnyGbnFB12w2GY9inkzFcL7KhPbxxQhJBNWlar2q6Lg0bqUOg957l3z1B8_FR_9kxHpqDglzwD3lLoFrFhtOeIgxoWsJNg59mk1-PySgtw6yGyBDxo6EC7E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo9tkzhE-Zcm7I_Or2fcP4amJyAjJntKxXMWMi-CaAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05MzEzNTAyMzk5MzM2ODI3yAEJqQK00IIZf7mxPqgDAcgDAqoE6QFP0KIarp5esYtm15i6Gbv2yO6IFrJ_Tc62chm-3NjMUjyGHLw6eC1ngeCVPjjnRw_sW9i7WUwlTCBvGJDYxvJRnKdb2vaz842Owz7AGFvDBA6-NlyAygOSmQBJVxk-P97q2JewoEFngNTEU5H2IfMittmX4EHytCwY8CJzB8ox2OZ1FzSRShjC6QF5pSFotQBDvRrti6ugbuJC6gWwhrLhIdnNekgxNHPIYFFYogDnhsbC6gjF9sQTV86AL8WfVgWRw92foqH5sIXPlU_6af0x-mrxrknep8dg7-NyNITo-mKo01RC7FzC44AGtsqS35-o2p6WAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QHKVsEVLIm-DwC6J5vDvq2-eIUg%26client%3Dca-pub-9313502399336827%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6798bb594f931dc5399ef1f4d05717de572783a687b175212dcfa81e96d45c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 08:03:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=SuGVdQLUUJx3hkaEHcaGFSbuFA5mLRHgLMFelod7Hnex-nSYJj2kfu_k6ww6G0GmlW8n2sdBCd_s79v45mLB1Vl3Ils2aGrYNaPQHIwqrGq7iW7O6xg12oAINCzUj_ieBdeo1g_grLT_55W_F6Fu9d2pbc64dUvlLK3pICI5QARVhbx4ir2sruJ0z65WiMTyO-MVKbZ8xA1PwPKWIpe9_sfizniXUEQgLyKcON0FGX8k5x2vDhoK_REUvSyfhPv4nT6SuQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 52434991
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame EC35 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cf470403439a36cef117ce3461eb3f7a5b873d1ad70d0ee3e75db1fc4da675b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EC35 0
23 B 69ms
68ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbM5uzhE-Zcm7I_Or2fcP4amJyAjJntKxXMWMi-CaAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05MzEzNTAyMzk5MzM2ODI3yAEJqQK00IIZf7mxPqgDAcgDAqoE5gFP0KIarp5esYtm15i6Gbv2yO6IFrJ_Tc62chm-3NjMUjyGHLw6eC1ngeCVPjjnRw_sW9i7WUwlTCBvGJDYxvJRnKdb2vaz842Owz7AGFvDBA6-NlyAygOSmQBJVxk-P97q2JewoEFngNTEU5H2IfMittmX4EHytCwY8CJzB8ox2OZ1FzSRShjC6QF5pSFotQBDvRrti6ugbuJC6gWwhrLhIdnNekgxNHPIYFFYogDnhsbC6gjF9sQTV86AL8WfVgXTwfwNIjIpjSMfspV2SRSV9E37GEPwv0XUJ97Uxjv21nowGcBiBYAGtsqS35-o2p6WAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05MzEzNTAyMzk5MzM2ODI3GAA&sigh=yj-zZKam0oA&uach_m=[UACH]&cid=CAQSSwDICaaNeTyinBONzuLFj7GayM_Shx8522DJa9bWK4H85BwzP_6M6WxvlkG0_hrsxYphLPVoVams0QHojcUDnn_Pi_ip52UJ4VvBaRgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2113917864&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606144&bpp=1&bdt=280&idt=410&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VAyqg2Yu8N&p=https%3A//hayamix.com&dtd=413
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Oct 2023 08:03:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Oct 2023 08:03:27 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame EC35 0
126 B 122ms
35ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kMHZGMz6RLAJmAKdg2ICAgAAAOIHHExvtQAeEM0RPmU1WNEHTbMWqRS-AAASAAAKCkFRVUJBUUVCQVE&wp=ZT4RzgAI3ckI9lXzAAJU4VBvYgi7mvHUCokngQ&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 156062
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4C8E 2 KB
1 KB 142ms
69ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT4RzgAI3ckI9lXzAAJU4VBvYgi7mvHUCokngQ&u=%7CaDUaw8pFRjVHb3Dj3DxW%2BhXoESpDT93bxzZnaFDKZUs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC860ZOzfSbC2FE70O6M26IJB0KXIRX9kUASnoTNDeqkkbIOZgHp-EK6HFGJwew_Wuo5JxFQm3UoyWi0D82rLsCWS6yxBpP7392wc0CdBaKpcOPH6VhI-ZhlA_U2hGCC4FYth8nk2qxqNGNlYYeOAQ_pER-mvHqs6FfCVmLjWXod_wLhNTqOkqybq5Z465P8aaW_ZVm3qAXDKjdnyu2ZUX63Cxobol4zZuopAyOtJsZwrbDDpjG9lmBmyGpFZVkvaXUP9f-zkvUeg9cK7CIA80CFbcClxIq_BTzOkYNHLZ3QmWZx-GyketqjOWDHvsMzOg4a8xQiyp-j2XXmC91Ef_h5A13lZAe9Vbodx_DIyDTzpoIX3aj7gOql8WFRT5zGyOocLU1JMJn8rrMipd0uNAzvswIUh42LlYzRiGziMjfClhX04RAi1wo4I8o0EUd1TqswnyGbnFB12w2GY9inkzFcL7KhPbxxQhJBNWlar2q6Lg0bqUOg957l3z1B8_FR_9kxHpqDglzwD3lLoFrFhtOeIgxoWsJNg59mk1-PySgtw6yGyBDxo6EC7E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo9tkzhE-Zcm7I_Or2fcP4amJyAjJntKxXMWMi-CaAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05MzEzNTAyMzk5MzM2ODI3yAEJqQK00IIZf7mxPqgDAcgDAqoE6QFP0KIarp5esYtm15i6Gbv2yO6IFrJ_Tc62chm-3NjMUjyGHLw6eC1ngeCVPjjnRw_sW9i7WUwlTCBvGJDYxvJRnKdb2vaz842Owz7AGFvDBA6-NlyAygOSmQBJVxk-P97q2JewoEFngNTEU5H2IfMittmX4EHytCwY8CJzB8ox2OZ1FzSRShjC6QF5pSFotQBDvRrti6ugbuJC6gWwhrLhIdnNekgxNHPIYFFYogDnhsbC6gjF9sQTV86AL8WfVgWRw92foqH5sIXPlU_6af0x-mrxrknep8dg7-NyNITo-mKo01RC7FzC44AGtsqS35-o2p6WAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QHKVsEVLIm-DwC6J5vDvq2-eIUg%26client%3Dca-pub-9313502399336827%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 23 Oct 2024 08:03:27 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4C8E 2 KB
1 KB 109ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 23 Oct 2024 08:03:27 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4C8E 308 B
637 B 99ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 23 Oct 2024 08:03:27 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4C8E 293 B
621 B 133ms
69ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 23 Oct 2024 08:03:27 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4C8E 43 B
348 B 88ms
26ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=PGMsGrJJ1NWGcSKhkbfRcEAoML1ZHPiM_EQL3cFw4HXJNH6UunvtLcFaTV82xviYt3MobErt5JQl8xQgbDxTV0K2N-XY8kMVFLWqBWY4p4Zk-k1yZcFjZXccI0yjf-LRzBH_k_ouhoHW8mdtF3oElaEQzcIJJM9ysFy3uy7OdwXZbwCTH2ZMUHbN-_Fv_ZX0FoyRZsLp6fEgAzI3gC4Vn6nxKQ-FZksLbEp0qqIFJ8SOQwf-RkSBw3YNIUnjQ8rHpahr4akecRIfhLA3Briw0tbgsW3XNUgy-obKHn_-5Iw-3WnELTW0RyzRaIMzTi9nL_LWh1d46NKR6FmoaR1XMZA1Y7mgDzgiXvXHqxOgRxQPJbdLKnGGis2jX8pewYNYeej219D4utiEALMdWkv2OSAqg9ExOM-6ZErnmS_AVELAZX1jNmWNNZlVZPdvfb4CjxHinA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 08:03:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1681115
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B3C7 4 KB
1 KB 88ms
38ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2717762101&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606141&bpp=3&bdt=276&idt=401&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mhlt7w8DBC&p=https%3A//hayamix.com&dtd=406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Oct 2023 08:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Oct 2023 08:01:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Oct 2023 08:03:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame B3C7 2 KB
907 B 24ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2717762101&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606141&bpp=3&bdt=276&idt=401&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mhlt7w8DBC&p=https%3A//hayamix.com&dtd=406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 16:14:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame B3C7 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2717762101&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606141&bpp=3&bdt=276&idt=401&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mhlt7w8DBC&p=https%3A//hayamix.com&dtd=406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 02:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 02:59:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame B3C7 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2717762101&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606141&bpp=3&bdt=276&idt=401&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mhlt7w8DBC&p=https%3A//hayamix.com&dtd=406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 21:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 21:42:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame B3C7 20 KB
8 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2717762101&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606141&bpp=3&bdt=276&idt=401&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mhlt7w8DBC&p=https%3A//hayamix.com&dtd=406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 02:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 02:48:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B3C7 187 KB
59 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2717762101&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606141&bpp=3&bdt=276&idt=401&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mhlt7w8DBC&p=https%3A//hayamix.com&dtd=406

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Oct 2023 08:03:27 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame B3C7 36 KB
15 KB 66ms
18ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2717762101&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606141&bpp=3&bdt=276&idt=401&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mhlt7w8DBC&p=https%3A//hayamix.com&dtd=406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 17:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:04:13 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6752767269488539624/ Frame B3C7 22 KB
23 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6752767269488539624/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2717762101&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606141&bpp=3&bdt=276&idt=401&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mhlt7w8DBC&p=https%3A//hayamix.com&dtd=406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6288c50da49ba7de10dda65367b9e8577254da8bbb3c3485afd3bf938d2621bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 08:30:44 GMT
x-content-type-options: nosniff
age: 171163
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22895
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 04:35:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Oct 2024 08:30:44 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5810142944152785512/ Frame B3C7 2 KB
2 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5810142944152785512/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2717762101&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606141&bpp=3&bdt=276&idt=401&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mhlt7w8DBC&p=https%3A//hayamix.com&dtd=406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dd4dc4f92441144c9d238555167d3488e4dc91094385629265a3436e72c80f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 07:27:03 GMT
x-content-type-options: nosniff
age: 434184
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2323
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 13:49:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Oct 2024 07:27:03 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4C8E 12 KB
6 KB 65ms
40ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 23 Oct 2024 08:03:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4C8E 3 KB
3 KB 223ms
145ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9292%2F5048761%2Fa3f0898f86f64789bbd23c4401ec4120_kare-spassamwohnen-2020-clean-rgb.jpg&v=3&w=196&rid=4&s=AjH38EGiN5jxfqYIvDFkKu-i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7954fe9614832a5c8356adb849ba452f10b14a1a7b84daa41aaca52207b04a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3078
expires: Fri, 18 Oct 2024 12:21:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4C8E 28 KB
28 KB 206ms
128ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9292%2F5048761%2F21393a45d2d04d6bbea2d1b316744f92_2023-09-native-ads-strong-man-640x360px.jpg&v=3&w=1200&rid=4&s=wGcMqd2HLx53ehIzq9jTzNfd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

62ade288f2abf7a6aa32dd1342efedc3ae89cd69a61d55011e3ef07881bfcad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 28872
expires: Fri, 18 Oct 2024 12:21:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4C8E 11 KB
11 KB 197ms
119ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F4ac45bfb288e37e9a2ee03853f99686a10e9253c.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=93bwPaSp7iu8ubRWWHCfqIie&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9965d3f19ed45b672387e13c2077c670494feac6a8ad45170bada5bb732f1282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11130
expires: Fri, 04 Oct 2024 12:37:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4C8E 46 KB
46 KB 218ms
140ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2Ffb3c6521a2f2363dbee02d5c67b1049c48c25e52.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=3lfh2AvOeTr-8bWNCVCMv3Gz&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

402898e83e739ae075e5394535bd812615d120b22193d0729ff6ae9288d0fbe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 46770
expires: Wed, 02 Oct 2024 08:25:20 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4C8E 81 KB
81 KB 143ms
65ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F71b65d730aaaf408e626e32814b3dc46abb45166.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=7TD_A3isgR1VcE5jAnyGlTga&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c54afa62a5e52b41d094941b5d467ebe04bd7262fec127940f1bb23931b5aa2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 83040
expires: Wed, 02 Oct 2024 09:46:06 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4C8E 0
128 B 140ms
41ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=SuGVdQLUUJx3hkaEHcaGFSbuFA5mLRHgLMFelod7Hnex-nSYJj2kfu_k6ww6G0GmlW8n2sdBCd_s79v45mLB1Vl3Ils2aGrYNaPQHIwqrGq7iW7O6xg12oAINCzUj_ieBdeo1g_grLT_55W_F6Fu9d2pbc64dUvlLK3pICI5QARVhbx4ir2sruJ0z65WiMTyO-MVKbZ8xA1PwPKWIpe9_sfizniXUEQgLyKcON0FGX8k5x2vDhoK_REUvSyfhPv4nT6SuQ&sds=2&rev=89054&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 29 Oct 2023 08:03:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4C8E 2 KB
1 KB 45ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 23 Oct 2024 08:03:27 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4C8E 2 KB
1 KB 46ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 23 Oct 2024 08:03:27 GMT

GET
DATA 200
OK truncated
/ Frame B3C7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83559c1aaf529c0bacec96825d893534efba13dbf4b4a5d579095aa93556d93f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B3C7 16 KB
16 KB 67ms
19ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:18:02 GMT
x-content-type-options: nosniff
age: 146725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 15:18:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B3C7 15 KB
15 KB 70ms
24ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 186995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 04:06:52 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B3C7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CjaX8zhE-ZcWVI8zbzQbLl4aoAo3-_LRy97yi-uUR3NkeEAEg9pvBgAFglYKAgLAHoAGOwKTnAsgBCakCtNCCGX-5sT6oAwHIA8sEqgTzAU_Qyp-KIcOFeNzrB-okBwZkAme8oqtAnFd5PbI...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226035845929047822836%22,%22debug_reporting%22:true,%22destination%22:%22https://signal-iduna.de%22,%22event_report_window%2...

0
0

97ms
54ms

Fetch
text/css

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226035845929047822836%22,%22debug_reporting%22:true,%22destination%22:%22https://signal-iduna.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22753475598%22],%224%22:[%2210-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225201290869046762433%22}&andc=true

Requested by

Host: hayamix.com
URL: https://hayamix.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6035845929047822836","debug_reporting":true,"destination":"https://signal-iduna.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["753475598"],"4":["10-29"],"6":["true"]},"priority":"500","source_event_id":"5201290869046762433"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Oct 2023 08:03:27 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Oct 2023 08:03:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6035845929047822836","debug_reporting":true,"destination":"https://signal-iduna.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["753475598"],"4":["10-29"],"6":["true"]},"priority":"500","source_event_id":"5201290869046762433"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F48 38 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2717762101&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606141&bpp=3&bdt=276&idt=401&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mhlt7w8DBC&p=https%3A//hayamix.com&dtd=406

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6a7a6b19b3d91b2ea031e55dd7803a61400bcbc8abaa4d038d35c29d3c2fe0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 139481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15015
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 17:18:46 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 103ms
55ms Preflight
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 29 Oct 2023 08:03:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04E0 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20231025&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&adk=1812271804&adf=3025194257&lmt=1698525237&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fhayamix.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606137&bpp=4&bdt=272&idt=361&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=110782429223&frm=20&pv=2&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=401

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 08:03:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/ 159 KB
54 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/reactive_library_fy2021.js?bust=31079247

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4ce6c88ffe8dc2551a9bfa26ca5d80803d26d6eb873bb7ed53a49a546dbe78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55373
x-xss-protection: 0
server: cafe
etag: 4113149488765049038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 08:03:27 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/ Frame 4588 10 KB
4 KB 19ms
19ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayamix.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 19:30:15 GMT
etag: 4569948109300706969
expires: Sat, 11 Nov 2023 19:30:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/ Frame 1483 10 KB
4 KB 19ms
18ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayamix.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 19:30:15 GMT
etag: 4569948109300706969
expires: Sat, 11 Nov 2023 19:30:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4588 4 KB
744 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Oct 2023 08:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Oct 2023 06:59:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Oct 2023 08:03:27 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4588 205 B
519 B 19ms
18ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 02:28:25 GMT
x-content-type-options: nosniff
age: 192902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 26 Oct 2024 02:28:25 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4588 604 B
696 B 19ms
18ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 11:17:16 GMT
x-content-type-options: nosniff
age: 247571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 25 Oct 2024 11:17:16 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame 4588 15 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25bb559beb57a681fbcd6b749ea0c17ecf3939efc5127ac756520f819f0c8f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6638
x-xss-protection: 0
server: cafe
etag: 5714928435844906340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 16:32:55 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame 4588 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8598
x-xss-protection: 0
server: cafe
etag: 10300645532664441910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 16:20:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 1483 23 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 02:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 02:59:42 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CDC9 143 B
166 B 21ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 07:10:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 1483 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 21:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 21:42:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 1483 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 02:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 02:48:43 GMT

GET
H3 200 13467714179648702833
tpc.googlesyndication.com/simgad/ Frame 1483 37 KB
37 KB 23ms
22ms Image
image/gif 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13467714179648702833

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78cc8103f625e5a42dd03d0dc5973eae18322b7b260440a71fc6d83cb6fd5d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 08:45:59 GMT
x-content-type-options: nosniff
age: 256648
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37761
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 13:13:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 25 Oct 2024 08:45:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1483 187 KB
59 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Oct 2023 08:03:27 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 1483 35 KB
14 KB 33ms
28ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

725dad3eb33d87fb72bac214bb1b69459441528260933eaeaf48b0f2caea0c60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:21:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14461
x-xss-protection: 0
server: cafe
etag: 11281912579417060447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 16:21:38 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2EA6 14 KB
1 KB 29ms
29ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Oct 2023 08:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Oct 2023 06:57:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Oct 2023 08:03:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 2EA6 2 KB
825 B 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 16:14:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 2EA6 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 02:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 02:59:42 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8B08 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 07:10:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 2EA6 3 KB
1 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 21:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 21:42:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 2EA6 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 02:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 02:48:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2EA6 187 KB
59 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Oct 2023 08:03:27 GMT

GET
H3 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 2EA6 36 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 17:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:04:13 GMT

GET
DATA 200
OK truncated
/ Frame 1483 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40e5ae0926e3571797570aa2e2ba183df266f372155f762a8a4c4dcc87834168

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CDC9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
28ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 08:03:27 GMT
expires: Sun, 29 Oct 2023 08:03:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 08:03:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1483
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CjpNCzhE-ZaXhIseO2fcP3-6vmAi79KvYc5rR5cuKEtzZHhABIPabwYABYJXKn4KwB6AB7Nq-8gLIAQOpArTQghl_ubE-qAMByAPJBKoE7AFP0KIwNkdql-RzSfXmh5hwMMa3Xqu2HRUnILk...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225313123043970218317%22,%22debug_reporting%22:true,%22destination%22:%22https://tdsynnex.com%22,%22event_report_window%22:%...

0
0

55ms
55ms

Fetch
text/css

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225313123043970218317%22,%22debug_reporting%22:true,%22destination%22:%22https://tdsynnex.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22776973676%22],%224%22:[%2210-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227935292812774600641%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:28 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5313123043970218317","debug_reporting":true,"destination":"https://tdsynnex.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["776973676"],"4":["10-29"],"6":["true"]},"priority":"500","source_event_id":"7935292812774600641"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Oct 2023 08:03:28 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Oct 2023 08:03:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5313123043970218317","debug_reporting":true,"destination":"https://tdsynnex.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["776973676"],"4":["10-29"],"6":["true"]},"priority":"500","source_event_id":"7935292812774600641"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8B08
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

27ms
27ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 08:03:27 GMT
expires: Sun, 29 Oct 2023 08:03:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 08:03:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 54ms
54ms Preflight
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 29 Oct 2023 08:03:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js Show response
pagead2.googlesyndication.com/bg/ Frame 487B 38 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6a7a6b19b3d91b2ea031e55dd7803a61400bcbc8abaa4d038d35c29d3c2fe0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 139481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15015
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 17:18:46 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
70ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231025&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6a328b1d12d6f88f75b326bc4d339899dc241ebd0e46b9aa0825d7eb318315e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12367
x-xss-protection: 0

GET
H3 200 9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js Show response
pagead2.googlesyndication.com/bg/ Frame B94D 38 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js

Requested by

Host: hayamix.com
URL: https://hayamix.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6a7a6b19b3d91b2ea031e55dd7803a61400bcbc8abaa4d038d35c29d3c2fe0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 139481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15015
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 17:18:46 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Oct 2023 08:03:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DEC8 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayamix.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 21:55:30 GMT
expires: Sun, 27 Oct 2024 21:55:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E3D0 829 B
999 B 30ms
29ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

132d2e3b8d72fd8ec853a4666ec2e1ed8208aa0d7f9ae3936f8699a5ae2bbeee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IxpRCRhNhCO0YTRTgwzDIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hayamix.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-IxpRCRhNhCO0YTRTgwzDIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 08:03:28 GMT
expires: Sun, 29 Oct 2023 08:03:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame DEC8 38 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 05:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Oct 2024 05:36:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E3D0 0
0 54ms
53ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231025&jk=1825073074502368&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DEC8 0
10 B 19ms
18ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jrcC_A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:03:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B3C7 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHMM_xWhe6WMnzJMiEJIuxMtrzOypPVRf61Plf9C3WMTdfhNMiCRVMuhRHsOEiRc-YlZl_eyGZaZ0EeEeSTRR-RYFDU0OYlO7vnyJSNJwu85fwnyNXEmTFjkUHfavJvtNwAXDVTyIy89cAsHiGFG9cS6ZErGA_vpkarvhmhZIghe6FcwqMCZknEs8n46BpyXFW_Eb9sGUMrYnn-bbJRLzu0RAmXGq3NVt3gZns6hYZPt5Y8roCsFsIJ65Q1faKGKqz32qU9uponYUzE_5Z5KLiF7MYdjmq-brnMKOfOnYBEnuF8Z06sADeu-bxIpFM_tp_bWIaHVbI_mWZTztA7GToMeU2Aquqooo1GrYcMSKykO7jCyeHT9Wmhpl5Bxz_iCntK8UgIfkRTcBb46TAQlQGRp-AORvjSzc65hZkw1qK-xkdSmNDL8xlM3N3Qm2YzL3TxtdQGx11vMPECUiShlBOVsgAMDkShH1Tw5AhpqTC3A5NURnPSVaemly19xz9KtmLaWIRKlKDhqhKvavts_4xtWW9irEC1eyc__Umst4uTZdpC224YEVZYhF5sz7Zlcksge4WdCpEv4Oq_KeheGji012vVIUzL0jmeQKy1rhRS63NvO_N2TzxjAndqGU6PETHrMUr6hnj6odL2V488pRbXZcFZl0s_w4iu-z7s2FapXT_i6qc7E0L_dgWact8wlXMBVkJsnmcDsCG_kHMlRf7OklibBd0qcAtapDrsQAPDz4N-1fo3JS04gkAyT4vSlUzSiN-k56orVX8HXqL98k6cQDv5jcE8zh-6MfO764jZ3Fp_hvrju7wDWbv4B2D4STGVLWzOYFyAQolF07RVH_hdz8orYSlfVccL0GX-HjkAs11O612KAYpGPH55kQZZaYuXS5FCwMS0aJo8EsHUE-_cS1RBjDb8sQeU8kpvBx3YKPJ-b2ej43cHW7bGaGyUNCEqC4JW_-Sp00yzS1vcd-TOQ6GUW6dto72Iar4QWahdQC5gHxrhchV3UauK-S14GyHWsYRx6C_27VU_hsGbhBiWyeLHgib5-_nA_RHQh4qtJNrLGby9x35euTQqklbXRt7uEXJZSQCxCUmxWeFgD-uFF1VTDhJBLU9cVWq_eZyYvrFDn8DTVPAxEgHTFBy3P3FAG2rR2_DL6-iliKYSaBrmYs3PSY3GhTctwKd1jgEJkJFEbTXWrA9uybAVYHVCcDqyaATiH_AslibfhIFSPFSBNslOR5lfcVZdNNEwqfk3OrqWb46CS9MIekGiQKaxXgrnji8eCNnS4u0QzmAWiNn2pOfwR7aWntYuTq64olYfSp8mHS5_J_T9wcvRAD_Z1qenbDeMW_W8HPQT3U0reqvTIYIYUL8r2y-myBOCnkTOiaPGSDEPMEMSA&sai=AMfl-YTEoaFT2KPvCEUyaN5nlV13T1NCyg8-VLxsFQklCKNFWoN8dxQLsvmbGbgbzXZCTZi7XKOo0mb6Tui-qhOk_XpzcT27Kl7W6ywaHaus_j-GDOf8VStTiIwGylEHZjLj8OB43RXgrtLHDGMkHaUHsUBdtgcpIk_slmM&sig=Cg0ArKJSzPJHR4688IuYEAE&cid=CAQSTADICaaNDJeUwDN7BxP2W3rx1b5DLNr96wGOOK8p-16sscDIHqF918hxchlCMD__owFZjYQS8CtL01slpBYl1n2YcHWz7vI1M5p5EJwYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=113027812&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698566606548&rpt=732&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 08:03:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231025&jk=1825073074502368&bg=!EBOlE1zNAAbo5yKYyOc7ADQBe5WfOCOKCsmlOCgyK_TB0e3iPKxMwtmGDGcrlwMAvCdnee5YiElC6TNyeKgmUmUD6ZbbAgAAAFBSAAAAAmgBBwoASuDWtmqUe0ENP4Y8IV3UEnYYIOxzHe7Dpp5nMVvn01catO4pTppSzpEsk-Uij4c-mfeoyxkF-cE5ffqTQgfoJtF3shsKzUs4Qc8ZmQK3Dai_Mt0ho9YY_iUezaocp7q6bqZw2GIPFqFOsEqjeF6_03odMRg6hd_znxIbWtNYZRlX-eY6UrxCCd47FbQUXNEe-RpuzBHznIpKtbjVU-hSpkzl5EiOXCb2kNOyv_MZHyHcXmSi7-rmI20U4S5engY45ZLGDJqwt0wAo2C97CkX6eNSixiplMdeanxV2yevQnbqIIHU8Q5fETd3mMe2qqnVV_FfhpOSDtscoN4Bp-XLK9U8ubcz4IAAQucUXeVLucViptmSbu0vqfCx6D0rCm-FrtjEe-KJj8NxAFaJiC-G7oKjAjI0rBWf664WCp9_lek0V4SPAnAt8AIyLzFybX7Ax6aVCN2cT5eHmZJqYyJnuKx7TqCpYHykRD0k16rw3YLtjsqC3na44bQuwOsC90rm5XqFi-akQc-JtLF12gucuymx4iewkcUXwc11uCZ9-eM2jNhkp6ZEpTPDtaR4sNJzlZgqKymCIvCQfRtVkZP30ztNvln8Q5lXK1Y5miqMA_rDty-tvlYCX_-LfgS3tlB7-0cc9ZXPWMRdnMN_fzDTyseTsubKG6P8CYfhkWHjTytnTx0w9Z2cP3puihq5t_yqphxGWTt5N21hUlyzjxrY6QGT36Pd3Vl9HJmuMIe_nTBZCD5wwiTLiz4ZkqF38KlF2CtSrVJswo3BnMZPEYwFbd3SXOx_op5qjx_ZPlsP_uJlW9hTo6mPEHU21hiCHsgLeZVTZq1HrcatCJ8MQyig2CTfRv7tAQ0t3XvEO29kXp36hGLU5-s1eXbYflvXhvzALAFORsB6RVmi5ny8e8_dwOUJE1mL1chypmltQo8EmiKd-1C4E_xeHigShNWYohblsP18nlUt5cDTGILq36lAKrbJPNAAkIrlDXMYW6QUNDUSZwrOcfhZyU7vM7lUVDxwNbWerBE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayamix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1483 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwxqRURsDHua7nGSeWui9RrDJTWA0D7V3TI6d3W6qu8LKCNBqVj6ExpYdCmpnbvA2LkTxLJtaFZt1IzAEaEOAJg0oQ80yVEkkzGkWJtYbW9ynkSNhbmCDcL3zdxaCFKYi-Bc9sBK0huqwl&sai=AMfl-YSFv3AxGEo_txUHmar2KCGQpmbZuFvFgb6nHqvo0c5SbnSyrJ_4Zw123OtKYKfuE4C8dMtyPPMMOxmJW3ekXutlM6IcYiJl3F9194if3bYCkdGuoGTYkUTX8RKUUC7Brge7hijVtB99xkNm&sig=Cg0ArKJSzGCFSvHGcFkXEAE&cid=CAQSSwDICaaN-PIMpUYhmdgRf3yjdHGtzVFg7-fqTyvPgR1WTtSigwviE3oYI9UjprknnkyAYOTOVn50ayhilpVSZBxrJjqIfcVd3ff2-xgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=84,767,1001,1114,1248&tos=84,683,234,113,134&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698566607684&rpt=147&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 08:03:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hayamix.com/	1970-01-21 00:35:02	Name: HstCfa3239351 Value: 1698566606051
hayamix.com/	1970-01-21 00:35:02	Name: HstCla3239351 Value: 1698566606051
hayamix.com/	1970-01-21 00:35:02	Name: HstCmu3239351 Value: 1698566606051
hayamix.com/	1970-01-21 00:35:02	Name: HstPn3239351 Value: 1
hayamix.com/	1970-01-21 00:35:02	Name: HstPt3239351 Value: 1
hayamix.com/	1970-01-21 00:35:02	Name: HstCnv3239351 Value: 1
hayamix.com/	1970-01-21 00:35:02	Name: HstCns3239351 Value: 1
.hayamix.com/	1970-01-21 01:11:02	Name: __gads Value: ID=0768c70d4e36637f:T=1698566606:RT=1698566606:S=ALNI_MZnBPdo2xR_4gKg2Ed6iMYkLsclYQ
.hayamix.com/	1970-01-21 01:11:02	Name: __gpi Value: UID=00000cc521e91eb2:T=1698566606:RT=1698566606:S=ALNI_MZlm1HVgg1cba1CeedBo4w0Vik73A
.doubleclick.net/	1970-01-21 01:11:02	Name: IDE Value: AHWqTUktVIc1jPoiYaZVMFjj9SCsuYF9g47LNaaCIIIolQGoiX9cLKyqiUeXSL_lPg8
.doubleclick.net/	1970-01-20 15:49:27	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 17:59:02	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 15:49:30	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9313502399336827&output=html&h=280&slotname=7268117941&adk=113027812&adf=2113917864&pi=t.ma~as.7268117941&w=1200&fwrn=4&fwrnh=100&lmt=1698525237&rafmt=1&format=1200x280&url=https%3A%2F%2Fhayamix.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698566606144&bpp=1&bdt=280&idt=410&shv=r20231025&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=110782429223&frm=20&pv=1&ga_vid=831320395.1698566607&ga_sid=1698566607&ga_hid=1910659718&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079080%2C31079087%2C44805934%2C44806738%2C31078301%2C31079247%2C44806255&oid=2&pvsid=1825073074502368&tmod=968270166&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VAyqg2Yu8N&p=https%3A//hayamix.com&dtd=413 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
data.almaydan.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hayamix.com
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.nl3.eu.criteo.com
s10.histats.com
s4.histats.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.hayamix.com
142.250.185.66
158.69.254.144
178.250.1.6
2606:4700:10::6814:81f
2606:4700:3037::ac43:ca2d
2606:4700::6811:180e
2a00:1450:4001:801::2004
2a00:1450:4001:803::200a
2a00:1450:4001:809::2001
2a00:1450:4001:810::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2002
2a00:1450:4001:830::2003
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
66.235.200.147
000db428843e05013dbee91711992d7965ba154ec84071cce778a801f6700c67
0231a4a35d9eab0149b0d0a42026cec218ec7980057db6562b517baad31be5af
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0aabd5081b6e6c37d719e674b709dfbc3f6227d6fa06201429bfeb66122e66cf
0cc7854dafea07cab7907165035839f3b6c280de497ed681912da724779d2c10
0f6637b41a216b9c0f8c58f66ef8147fec1f6c83940b060c26172cf83ffdb436
132d2e3b8d72fd8ec853a4666ec2e1ed8208aa0d7f9ae3936f8699a5ae2bbeee
1467673dd0eb38b9c27e0f80806fac828438c66e3ad111f09db4d6a04084902f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b560b9ed7667764ca4ca77dc706ef6df9bfbabab7709e898e0812ee7b7afcb8
25bb559beb57a681fbcd6b749ea0c17ecf3939efc5127ac756520f819f0c8f9b
278072f4f65d087983bd378634400dbfd5ebc5d8e3c03a8bc4f9c47e067546f1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
2e94a354042fc69b62c5ee4a2d581240bc79100d874c6ef42c64de406e83f156
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3d4e92e13e127db5d26835a9ce4eee93761e58e0203aa48c35b65bc86c7307ef
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
3f79b15b5ce19ed10706bb70c715c56b2bb050ab477fd0b217208484946023db
402898e83e739ae075e5394535bd812615d120b22193d0729ff6ae9288d0fbe0
40d3a6139558c67a487d2364ea565655ec5fc546c9ae2c6381e4458e6075dacc
40e5ae0926e3571797570aa2e2ba183df266f372155f762a8a4c4dcc87834168
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
48a192b936f3e3b9362759391003c88bcbd9adad3101e8a45b3f91862fe4e040
48bf50c412bc17d7c860de747a658522c9902239f3014b23237b00e2a6e3a082
4adc1c7d07631d732d6e14739cdbf5cdcdfae85aec38dc80a1b2e35d4bc84f19
4c3d89219f70b6a1fdea80ea89ce8a0ad80c2b73106b36747937f17e0a135d88
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4de1c225aaae2a9c6db51c7275223fd7d8b2b5d0875da2a1feba43ebcab4ce92
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
532001c91647680a9170fdf732faffeae9330ed9f8c4eae560775c384141402a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
592b708a380d1753e4e21a1cbca99eb6543aa8f8363f664a46b11e2b2a8c756e
5b023b1d27287f33aa24ac8f77d5d5f2ca9688eba142a9656927bbd778894614
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d791ce5dac426e6f09e019b704a5bb8d7bba3da761c1a54d9c506760682ddc8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6288c50da49ba7de10dda65367b9e8577254da8bbb3c3485afd3bf938d2621bf
62ade288f2abf7a6aa32dd1342efedc3ae89cd69a61d55011e3ef07881bfcad4
6798bb594f931dc5399ef1f4d05717de572783a687b175212dcfa81e96d45c8f
6dd4dc4f92441144c9d238555167d3488e4dc91094385629265a3436e72c80f5
6e0f8a2d6b1f26b0f612be1c020ba44cb6fbadcff5709fd0dd9a44ef56cab099
725dad3eb33d87fb72bac214bb1b69459441528260933eaeaf48b0f2caea0c60
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74afb570c39a56918e583f754f3578804889cd9d0255f33db957d7fb503fe57b
78cae80e23b0905c19eb2cd455865fdebdf02eef45b500c2e932d93e2e8797be
78cc8103f625e5a42dd03d0dc5973eae18322b7b260440a71fc6d83cb6fd5d02
7954fe9614832a5c8356adb849ba452f10b14a1a7b84daa41aaca52207b04a84
7cf470403439a36cef117ce3461eb3f7a5b873d1ad70d0ee3e75db1fc4da675b
803a2534e98d9a332c7a23ed6bf9c202e9bf6c37f75de79ba9f54c891051dc1b
83559c1aaf529c0bacec96825d893534efba13dbf4b4a5d579095aa93556d93f
85838e919557cbd4bf490dbe8bc20e79654b9507dd6b2c5034c0438fadd8be6b
85f58bcbb3750d6164121e5495736d947826f01ffd6f5ce06d139a141d6a7bb8
8eacc47c5a14459f168cd9c0114c92c8b483633cd009eb9be0dd7dc5fed1505a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9965d3f19ed45b672387e13c2077c670494feac6a8ad45170bada5bb732f1282
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abe1559ad78d35ccaa5475daff1dc24fa2586e6ffd9853228e74b9c09e4de367
ac15297fc61b30297c7538ae2f1c2976b45388ab42dca34d0250242316fd96ce
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b688686218e31f16ef1fb79bcda33086b741ed599d3c5221a8457cd4d0ba1ff0
b8adb506628a2366db9423750a866811ed5661c7123539abd88a7c2375af04a2
be7d912e0d2a1674d372b0c062fa6d42d521707b7ea03790a291f5f20f429862
c0f27ee92a26e2bbb2393e7695351be1c91d890492943f52cf18fcfd899666ed
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639
c4fbe66aaeb9d93b93884701b5cb8835e6e003c0a12f81325aea0f721ff1cf45
c54afa62a5e52b41d094941b5d467ebe04bd7262fec127940f1bb23931b5aa2a
cc797eb21846081edec317ea96736cefaee62411145577bcb1150f7b463bdbeb
cc7fda04e809c97a626a735f9a44b494b2cb2ae0992886a9b005676f61a0482c
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d6a328b1d12d6f88f75b326bc4d339899dc241ebd0e46b9aa0825d7eb318315e
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
df332409e3397b049fcc1ccb16e6789d2371350ef494a38ebd695fdfc0f7841c
dfa0b4811a1891004840b5dc8291ee197f69db5aed89d559c867ad0f9f046e23
e170f66bc5df509ce08eb7341a2839cdadfd157b45f1e2384e6026de7877c571
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b989097fdac78716f7b617f895b9856d9ae2526a6c0e5b7bee77ed850155f2
e810285c7adae72cc14f297960620cae623b8bb8f7df01c8c80f0b539cf3007e
ea112c1ece8849c04476af104f88caa59db145b37b50d2d60668e1c80b5c9eec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ff05bcab29f7333d215c8c711ec65aa09aa402f5d798b46b5c8b727b58ac5
f4ce6c88ffe8dc2551a9bfa26ca5d80803d26d6eb873bb7ed53a49a546dbe78d
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6a7a6b19b3d91b2ea031e55dd7803a61400bcbc8abaa4d038d35c29d3c2fe0e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fa84561c598f21cdd13cbf75c93f79b7078c282f78ef0243badea2f970c8eb44
fae7df6760f284dfa8cf06ecfa5e98b46042c68e52c1a0dafdfd4316c580ae83

hayamix.com Open in urlscan Pro 66.235.200.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

98 %HTTPS

79 %IPv6

13 Domains

22 Subdomains

20 IPs

4 Countries

2193 kBTransfer

4621 kBSize

13 Cookies

2 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hayamix.com Open in urlscan Pro
66.235.200.147 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

98 %
HTTPS

79 %
IPv6

13
Domains

22
Subdomains

20
IPs

4
Countries

2193 kB
Transfer

4621 kB
Size

13
Cookies

130 HTTP transactions
3 data transactions