byxz.efasein.com Open in urlscan Pro
104.21.92.168  Public Scan

67 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response byxz.efasein.com/	205 KB 55 KB	468ms 229ms	Document text/html	104.21.92.168 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.92.168 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 357a6083bdf2565e79767ea6b7ea255a17b895a02c995ada895384a723fca1c5 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 94909 alt-svc h3=":443"; ma=86400 cache-control no-cache, public cf-apo-via tcache cf-cache-status HIT cf-ray 88f93705ace6364a-FRA content-encoding br content-type text/html date Thu, 06 Jun 2024 14:50:28 GMT expires Sun, 12 May 2024 16:43:55 GMT last-modified Sat, 11 May 2024 16:43:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma public report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2FQ%2BABv6CmKDqoPmX%2ByM8jSWfqEeza6G8zc6XLGuyceyISQMDs%2FWiEqSwgcWKKRaUCBW4Iz4bruOwHPWSPiQ1PjRge64mmpQcPYeQZLGY8H9eZJkMzuS%2FoEceHmlNKZ0VCTl"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	ai-aos.css www.organicfacts.net/wp-content/plugins/ad-inserter-pro/includes/aos/	32 KB 3 KB	147ms 52ms	Stylesheet text/css	104.26.0.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.organicfacts.net/wp-content/plugins/ad-inserter-pro/includes/aos/ai-aos.css?ver=2.7.1 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.163 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 694655bd2e73d9d062c56e22c52b1e5dfb065c5df2bbf950c791f9042489a118 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 471335 cf-polished origSize=34247 pragma public cf-bgj minify last-modified Mon, 12 Jul 2021 09:54:43 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SfowM%2FRcLJl%2BFazrUyOEuP4bXViEJzQi2yWGu2gMnf2KfB2avV9OXKxmLwNrICaCz%2FwNA78fB%2FPXWMQEV%2BAyhe%2BI02esg5Etwf8s3jQuWM4cD4QMezNP05cUJJIwEDwRYArgs%2FSW"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=604800, public cf-ray 88f93707ce1a9f12-FRA expires Sat, 08 Jun 2024 03:54:53 GMT
GET H2	200	SPUniversalFront.css www.organicfacts.net/wp-content/plugins/revision-manager-tmc/vendor/tmc/shellpress/assets/css/UniversalFront/	2 KB 1 KB	140ms 46ms	Stylesheet text/css	104.26.0.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.organicfacts.net/wp-content/plugins/revision-manager-tmc/vendor/tmc/shellpress/assets/css/UniversalFront/SPUniversalFront.css?ver=1.3.89 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.163 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ec292b09399708897d6a423dbf32b8333b2b964e3b8894e9d933c42d3fd31b3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 95413 cf-polished origSize=1882 pragma public cf-bgj minify last-modified Sat, 06 Mar 2021 04:31:23 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=auRD%2Ba8c6RCJkMapeo7oYUb9P0xYz7NgHbwb6DG%2FmRksm6ZiucSzEoYfE13BN66DtbC7JLrkhiof%2Bx6EUjuidtgPEobpBHn7iU5tTvcQS8OFd6yWknez2MzIWbNU34dg2h%2B9Uqzo"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=604800, public cf-ray 88f93707ce1f9f12-FRA expires Wed, 12 Jun 2024 12:20:15 GMT
GET H2	410	2738.js script.crazyegg.com/pages/scripts/0122/	0 0	122ms 47ms	Script application/javascript	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0122/2738.js Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT cf-cache-status HIT last-modified Wed, 05 Jun 2024 17:17:21 GMT server cloudflare age 77586 vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400, s-maxage=86400 cf-ray 88f93708bde56964-FRA content-length 0
GET H2	200	of-logo-tagline.svg assets.organicfacts.net/img/	99 KB 25 KB	107ms 46ms	Image image/svg+xml	172.67.70.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.organicfacts.net/img/of-logo-tagline.svg Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.70.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf81393ca9b0f32abe4ca8a082f47a31af78683c8a162572445972d3e11798f9 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT content-encoding br cf-cache-status HIT last-modified Wed, 26 Jun 2019 13:30:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1739111 etag W/"5d137366-18c9a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fu2zWHzbVVKUzscWhdoCwPKFgjF%2BuQ1vlqCKXQlusFn3dZujGnq18jF67yYaZadD6vYMGBaUQMyQu5chN72oHE5f9A8npAvGPuatOC0zFRtycq99TLxfOFUCn5DD8QukXQsD2B0rml6d"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=2678400 cf-ray 88f93707e8f718ff-FRA expires Sun, 16 Jun 2024 11:45:17 GMT
GET H3	200	mirage2.min.js Show response ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/	38 KB 12 KB	80ms 38ms	Script application/javascript	2606:4700::6811:480e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/mirage2.min.js Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:480e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT strict-transport-security max-age=15780000; includeSubDomains x-content-type-options nosniff last-modified Mon, 03 Jun 2024 14:51:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding gzip etag W/"665dd872-9688" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2FuMDDEJBkcY00irQmkfjqK5yFAlty54GpK%2BR9yTWtB%2B7ngGEzf4ZLXCSYu3Jziy37A9aDTmChOuMBvnpXpql6iKBd0M1nsLGy9mMdaR4vei%2FpqR9%2BjLjj2eNDORt5fGz11sIJRufC%2Fh8e48Vz1sTAw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 88f93707cf9435f6-FRA expires Sat, 08 Jun 2024 14:50:28 GMT
GET H2	200	DMCABadgeHelper.min.js Show response images.dmca.com/Badges/	465 B 833 B	499ms 23ms	Script application/javascript	2400:52e0:1e00::1082:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://images.dmca.com/Badges/DMCABadgeHelper.min.js Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1082 / ASP.NET Resource Hash e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT content-encoding br cdn-edgestorageid 1080 x-powered-by ASP.NET cdn-cachedat 12/05/2023 19:29:27 cdn-pullzone 1574055 last-modified Fri, 21 Jun 2019 20:14:34 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"26b181f16d28d51:0" vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT cdn-uid c136c664-112d-4533-8247-f90f6849ab39 cache-control public, max-age=31536000 cdn-requestid a9b059a54a3906d58a36c61dca6d5494 cdn-requestcountrycode DE link <https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical" cdn-status 200 cdn-requestpullsuccess True
GET H2	200	get-country.js Show response www.organicfacts.net/	22 B 396 B	441ms 423ms	Script application/x-javascript	104.26.0.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.organicfacts.net/get-country.js Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.163 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1b99da1d43f3ca2e2dd52c602302301aa0dd089152398d69aed27e2e176e23e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT referrer-policy no-referrer-when-downgrade cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QdBpy%2Bi9YygT3WWkqaeI4oNigOhnP1mctBx6tdPKd2VSk%2Fe4IzHpfemHfvLjQesEB3aBPZb2zQSfZ3onM2pc0j3srjRTVgHOm%2BXZgQ1O%2Fzfoi8YwRaJlMQu%2B7sFfIyGMi%2FiDLqvS"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control private,must-revalidate,max-age=691200,s-maxage=0 accept-ranges bytes cf-ray 88f937085ede9f12-FRA content-length 22
GET H2	200	polyfill.js Show response cdn.polyfill.io/v3/	222 B 443 B	230ms 66ms	Script text/javascript	2606:4700:3110::6812:352c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.polyfill.io/v3/polyfill.js?features=IntersectionObserver Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:352c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad6494a63c4d419d500d35a85fc9aeaa3bee7cf2c0c93feee8da336437562ae5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 06 May 2024 09:29:12 GMT server cloudflare age 2697676 vary Accept-Encoding, User-Agent access-control-allow-methods GET,HEAD,OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 cf-ray 88f937093ac063fc-LHR expires Thu, 06 Jun 2024 15:50:28 GMT
GET H2	200	jquery.js Show response www.organicfacts.net/wp-includes/js/jquery/	95 KB 34 KB	71ms 54ms	Script application/javascript	104.26.0.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.organicfacts.net/wp-includes/js/jquery/jquery.js Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.163 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 95413 cf-polished origSize=96873 pragma public cf-bgj minify last-modified Thu, 08 Feb 2024 14:40:43 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vD48Zxi9ssmhfSJhxrZS2iafuCvduHf0heq5kzetBDJzbxpghMzrkAf%2FAX7x9fjWtcURMaACFWJQAkMCJJZF2181hfk1NF9FidKgKC3W4eRTQm0pIJ5Rt32H9WKdKIsy4DWjXsy"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800, public cf-ray 88f937085ee29f12-FRA expires Wed, 12 Jun 2024 12:20:15 GMT
GET H2	200	public-modern.js Show response www.organicfacts.net/wp-content/plugins/wp-recipe-maker/dist/	96 KB 32 KB	66ms 50ms	Script application/javascript	104.26.0.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.organicfacts.net/wp-content/plugins/wp-recipe-maker/dist/public-modern.js?ver=4.3.3 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.163 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3fe82991af53d1ac9bba4c6c501f9b35d7880ae483150f857e147f329698f239 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 95413 cf-polished origSize=97852 pragma public cf-bgj minify last-modified Tue, 26 Mar 2019 05:42:52 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yBruCp7BD%2FefSlqpyzy49dI23y93dZdOwQL1bJd1CqFYLQqNm8K8FoNId9MVanznmOeGEMQ1%2BvyFRiFeix1VwWRNlNMvALT2jpPkMRF4ZvN%2BATNLxXJVkkbAmU329Ykzd5IeAn2P"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800, public cf-ray 88f937085ee39f12-FRA expires Wed, 12 Jun 2024 12:20:15 GMT
GET H2	200	aos.js Show response www.organicfacts.net/wp-content/plugins/ad-inserter-pro/includes/aos/	14 KB 5 KB	60ms 43ms	Script application/javascript	104.26.0.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.organicfacts.net/wp-content/plugins/ad-inserter-pro/includes/aos/aos.js?ver=2.7.1 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.163 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7a8d472c29568e5bb5ba4062af8cdafc0f2774aa63dad230bc94973cddeb538 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 95413 cf-polished origSize=14213 pragma public cf-bgj minify last-modified Mon, 12 Jul 2021 09:54:43 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8NeMd280tf5orJhucxmbqzvQaPOKNVPTpKWAfnKReBEMPIW2uJYfdqNx0pbNvTbLLQz%2ByV%2F61jg4Po%2BfyQb%2F5wgXbelBSWp7se7mbccDccFefsxvkEP3HiTTXK7546ULJs%2BPFtRp"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800, public cf-ray 88f937085ee59f12-FRA expires Wed, 12 Jun 2024 12:20:15 GMT
GET H2	200	bmi-calculator-shortcode.js Show response www.organicfacts.net/wp-content/plugins/bmi-calculator-shortcode/	1 KB 832 B	56ms 40ms	Script application/javascript	104.26.0.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.organicfacts.net/wp-content/plugins/bmi-calculator-shortcode/bmi-calculator-shortcode.js?ver=5.4.15 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.163 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74583a05e8101b11f14ecf7567e2d2f1221173ad97d3817c7d75896cbb4230fb Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 95413 cf-polished origSize=1488 pragma public cf-bgj minify last-modified Thu, 12 Dec 2019 06:59:56 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eS%2FCVq6NDGAx%2Bwo%2FAk02xzD3umWYG5h0zvWC29JMCkHdOnc3n9w9j8Y4mPdUZaSQfN%2BCfyLBLESCXL8H%2BHpo8TexCcp1m8NPBgWP8ltIhYcxNZWukZXRl4KGUgNLFbe78QBIiwAx"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800, public cf-ray 88f937085ee69f12-FRA expires Wed, 12 Jun 2024 12:20:15 GMT
GET H2	200	front.min.js Show response www.organicfacts.net/wp-content/plugins/table-of-contents-plus/	6 KB 3 KB	51ms 42ms	Script application/javascript	104.26.0.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.organicfacts.net/wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.163 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma public date Thu, 06 Jun 2024 14:50:28 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 10 Aug 2017 07:25:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 95413 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wp02MmgFRiYGERlZdl%2FzlbrF23Cx91z3CApwm9VnWn8w6EvO4r2YWGX2snPM1iLVswgcmGbAq5YOrb%2F9sH1GQWa1dCxQWR74GxvkmrzC7rHXXwnZxp5b6PoiHVoaxUIqVJ7uU101"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800, public cf-ray 88f937085ee79f12-FRA expires Wed, 12 Jun 2024 12:20:15 GMT
GET H2	200	public-elite.js Show response www.organicfacts.net/wp-content/plugins/wp-recipe-maker-premium/dist/	145 KB 45 KB	76ms 66ms	Script application/javascript	104.26.0.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.organicfacts.net/wp-content/plugins/wp-recipe-maker-premium/dist/public-elite.js?ver=4.2.1 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.163 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5613d38b338641b2510b573fcea99ec60837b50505e6a7286f3a2b66eac45304 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma public date Thu, 06 Jun 2024 14:50:28 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 26 Mar 2019 18:18:11 GMT server cloudflare age 238803 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JBBlj4d%2FSuqR2aRb7JmcrfyHhRkxJzSV6jg03bXHi9sgrntCvhHmFu%2FBpZiM81UQcX9qD7Nyu2%2Bx8JFk07mB9DvbbENceInUXWlrpNDD7iCcvisUR9SP1VElzzQ15%2FutP5dakaCM"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800, public cf-ray 88f937085ee99f12-FRA expires Mon, 10 Jun 2024 20:30:25 GMT
GET		common.min.js assets.organicfacts.net/js/	0 0
GET		custom.min.js assets.organicfacts.net/js/	0 0
GET		essb-mailform.js www.organicfacts.net/wp-content/plugins/easy-social-share-buttons3/assets/js/	0 0
GET H2	200	sweetalert.min.js Show response www.organicfacts.net/wp-content/plugins/smio-push-notification/js/	17 KB 6 KB	72ms 64ms	Script application/javascript	104.26.0.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.organicfacts.net/wp-content/plugins/smio-push-notification/js/sweetalert.min.js?ver=5.4 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.0.163 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a056fc64aba501090c8acd106b0c7bbc9a267914e695ae34aa42a6ae2a094a7 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma public date Thu, 06 Jun 2024 14:50:28 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 19 Jul 2016 11:56:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 95413 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gN4%2F%2BInD6%2BRTsNGG1%2Bn4%2FoOeb36i9CIKFvR4yeotMgadhIEjhDlPAORee2m8ctWjffHoBsuuNR9w4KZDHFiVbXZ0BI3LzsA1UsR7wwD%2FdYUJdbS3q8BqOnd0P4LsZGBY0bgKy%2B9I"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800, public cf-ray 88f937085eec9f12-FRA expires Wed, 12 Jun 2024 12:20:15 GMT
GET H2	200	comment-reply.min.js Show response byxz.efasein.com/wp-includes/js/	205 KB 54 KB	266ms 258ms	Script text/html	104.21.92.168 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://byxz.efasein.com/wp-includes/js/comment-reply.min.js Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.92.168 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 357a6083bdf2565e79767ea6b7ea255a17b895a02c995ada895384a723fca1c5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 94909 alt-svc h3=":443"; ma=86400 pragma public last-modified Sat, 11 May 2024 16:43:55 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y4jUs70YXQWZwRvGyqtkOB4BuROSQ7gjFZ7s5gbD%2FfStqqnpfYaXl3%2FpV9pGMGbzG%2F%2BWNsx80XvVo9Uoa04L6D%2B2gNcHQdfYqKaKtmekPlX7wQeRIU90UX9pf2yjCphrbw6B"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control no-cache, public cf-apo-via tcache cf-ray 88f93708585d364a-FRA expires Sun, 12 May 2024 16:43:55 GMT
GET H2	200	decom.js Show response assets.organicfacts.net/decomments/assets/js/	49 KB 12 KB	42ms 36ms	Script application/javascript	172.67.70.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.organicfacts.net/decomments/assets/js/decom.js Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.70.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c7821ddb6bd8df8820bcc01209d279b4a32e88d740dd88718669552a830c8b3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1745127 cf-polished origSize=61777 cf-bgj minify last-modified Sat, 03 Feb 2018 11:21:27 GMT server cloudflare etag W/"5a759b37-f151" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin https://www.organicfacts.net report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yyeotWVr87b7pV66Gc715hyo9Clr%2F7urQ9Tc2Kd5ylHzRCkoctEngVQmfv7zXkyjMNJb5adTaJB3lsuRlSFAqNbKvIFtjM0KYT8%2BU3faQTSc%2B2kOkKqDdbQSjGnZ1a9cgZ9F00BfcGHq"}],"group":"cf-nel","max_age":604800} access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control public, max-age=2678400 cf-ray 88f93708596818ff-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range expires Sun, 16 Jun 2024 10:05:01 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	85ms 22ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 06 Jun 2024 14:29:08 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1280 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 06 Jun 2024 16:29:08 GMT
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c537868e9dca5f3b2c82d0db8fbddf5ba7952cac96236778bd6058d050512039 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c938145fca8056b5a3124f09c91edabeec3176c1fce14e0035180783a362ddb6 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	sprite-sheet-v2.png assets.organicfacts.net/img/	6 KB 6 KB	43ms 39ms	Image image/webp	172.67.70.98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.organicfacts.net/img/sprite-sheet-v2.png?v2 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.70.98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08c0cefcf3e44e391533f428b239ec2afed4fd0e569996262050262585f0892a Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1739111 cf-polished origFmt=png, origSize=13822 content-disposition inline; filename="sprite-sheet-v2.webp" content-length 6144 cf-bgj imgq:85,h2pri last-modified Thu, 25 Oct 2018 15:04:13 GMT server cloudflare etag "5bd1db6d-35fe" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1MR8DOGM%2B%2FBh4pb3u8lQo79m7%2BXGstts%2FZzAPIt6TtRuZ%2B0eW2vsnv4N5kD%2B3RhlFgUVhIY%2BJ2wttJ1fW0aWC5Gbthyl0clc43JM%2BqUBXGBFndssK2NlMlxOqKcq%2BfeMQzOcz2JOGpzT"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=2678400 accept-ranges bytes cf-ray 88f93708596a18ff-FRA expires Sun, 16 Jun 2024 11:45:17 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	16 B 223 B	30ms 29ms	XHR text/plain	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=912542302&t=pageview&_s=1&dl=https%3A%2F%2Fbyxz.efasein.com%2F&ul=de-de&de=UTF-8&dt=How%20To%20Eat%20Pineapple%20%7C%20Organic%20Facts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1736474092&gjid=603995372&cid=809571927.1717685429&tid=UA-484398-2&_gid=691131272.1717685429&_r=1&_slc=1&z=400821771 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash fdb1351c07ea4776950150ff5f7e3be907e5e99c41d785c51f9b04c8ddde8998 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 06 Jun 2024 14:50:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://byxz.efasein.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 350 B	88ms 28ms	XHR text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-484398-2&cid=809571927.1717685429&jid=1736474092&gjid=603995372&_gid=691131272.1717685429&_u=IEBAAEAAAAAAACAAI~&z=1270861328 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5654fc07addd73e8ad92adf86e9b2d81e0c5d8e539375a654ad2e2dca191c35f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 06 Jun 2024 14:50:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://byxz.efasein.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	269 KB 95 KB	111ms 60ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LK3BRWWXGX&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 65fb0f7134b8491f8e85ed7d924c3a38088f893babcc2a917b036a4579c463bb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:28 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 96684 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 06 Jun 2024 14:50:28 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	97ms 49ms	Image image/gif	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-484398-2&cid=809571927.1717685429&jid=1736474092&_u=IEBAAEAAAAAAACAAI~&z=1961860150 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 06 Jun 2024 14:50:28 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ro/ads/	42 B 408 B	118ms 52ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ro/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-484398-2&cid=809571927.1717685429&jid=1736474092&_u=IEBAAEAAAAAAACAAI~&z=1961860150 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 06 Jun 2024 14:50:28 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 246 B	105ms 28ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-LK3BRWWXGX&_ng=1&gtm=45je4630v9135234643za200&_p=1717685428672&_gaz=1&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=809571927.1717685429&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbyxz.efasein.com%2F&dt=How%20To%20Eat%20Pineapple%20%7C%20Organic%20Facts&sid=1717685428&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1027 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LK3BRWWXGX&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 06 Jun 2024 14:50:28 GMT server Golfe2 content-type text/plain access-control-allow-origin https://byxz.efasein.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	29ms 28ms	Ping text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-LK3BRWWXGX&cid=809571927.1717685429&gtm=45je4630v9135234643za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LK3BRWWXGX&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 06 Jun 2024 14:50:28 GMT server Golfe2 content-type text/plain access-control-allow-origin https://byxz.efasein.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	91ms 48ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-LK3BRWWXGX&cid=809571927.1717685429&gtm=45je4630v9135234643za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0&frm=0&z=831560278 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 06 Jun 2024 14:50:28 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	widget.js Show response cdn.userway.org/	2 KB 2 KB	111ms 21ms	Script application/javascript	2a02:6ea0:c700::22 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widget.js Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 424ac40c4ddf91cd7f05282b1210b81a1623d3908c0087a6933dbf220d5da962 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-77-pop frankfurtDE date Thu, 06 Jun 2024 14:50:29 GMT via 1.1 18a0c3f5e09e58d51d2e5d6f596d202e.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA56-P10 age 792 x-amz-server-side-encryption AES256 x-accel-date-max 1717144880 x-77-cache HIT x-cache HIT x-age 446 x-accel-date 1717684983 alt-svc h3=":443"; ma=86400 x-77-nzt EgwB1GY4tAH3vgEAAAwB1GY4EQH3LwAAAA x-accel-expires @1717688583 x-77-age 446 last-modified Fri, 31 May 2024 08:26:04 GMT server CDN77-Turbo etag W/"f34a1b5ccb973fce20580f4e344349f4" x-77-nzt-ray 6d204d11ae872687b5cc616658733606 access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=3600, public vary Accept-Encoding x-amz-cf-id 9gXiBjd1dSw-V5PLQvi_-aQi_YRisack1nf0jcS9olSbPN8joBtjEg==
GET H3	200	ga.js Show response assetcss.com/d/osx/	0 547 B	191ms 109ms	Script text/javascript	2606:4700:3032::ac43:9698 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assetcss.com/d/osx/ga.js Requested by Host: www.organicfacts.net URL: https://www.organicfacts.net/wp-content/plugins/wp-recipe-maker-premium/dist/public-elite.js?ver=4.2.1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:9698 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 06 Jun 2024 14:50:29 GMT cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKpgog2zoIqsjFovpuu%2BPR8cFwXiPr6p6mSzuDHg0grkBeaimRfERchyzydrIgUkEhTp%2BJEn9SbQUdZCdILpXA5LTmq%2BVgY2abY%2FMdFj3shXmfR02Kl4gQJlxZZDgcqOEMiDaDeJkXt1Buk%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate accept-ranges bytes cf-ray 88f9370c398d925b-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires -1
GET H2	200	dmca-badge-w100-5x1-11.png images.dmca.com/Badges/	2 KB 3 KB	24ms 23ms	Image image/png	2400:52e0:1e00::1082:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://images.dmca.com/Badges/dmca-badge-w100-5x1-11.png?ID=905478a5-2fe7-496f-8cc7-c94afa32b142 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1082 / ASP.NET Resource Hash 2292a183dd2a364653441cf13efd89138c43eab4dacbb35e9bc061b07c749be1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:29 GMT cdn-edgestorageid 1082 x-powered-by ASP.NET cdn-cachedat 10/31/2023 18:59:54 cdn-pullzone 1574055 content-length 2390 last-modified Mon, 25 Jul 2016 19:39:16 GMT server BunnyCDN-DE1-1082 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "70d0a63aace6d11:0" content-type image/png cdn-cache HIT cdn-uid c136c664-112d-4533-8247-f90f6849ab39 cache-control public, max-age=31536000 cdn-requestid ca1dc47dbeabd9e66fe21998a02819cc accept-ranges bytes cdn-requestcountrycode DE link <https://dmca-images.azurewebsites.net/Badges/dmca-badge-w100-5x1-11.png?ID=c566a01f-b37b-45bf-953f-533e46600052>; rel="canonical" cdn-status 200 cdn-requestpullsuccess True
GET		dpanda-buy-widget.js cdn.dpanda.in/	0 0
GET H2	200	fuse.js Show response cdn.fuseplatform.net/publift/tags/2/2434/	332 KB 71 KB	405ms 237ms	Script application/x-javascript	2a02:26f0:3500:12::1730:1788 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.fuseplatform.net/publift/tags/2/2434/fuse.js?_=1717685429027 Requested by Host: www.organicfacts.net URL: https://www.organicfacts.net/wp-includes/js/jquery/jquery.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:12::1730:1788 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash b466bf110934a71c9d7e3d511404243c48eb25eed26b13f3d2ffa5666d8b17c2 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:29 GMT content-encoding gzip last-modified Thu, 22 Feb 2024 05:16:50 GMT server AkamaiNetStorage etag "9ababd668d8d343f0852492edcdbe0b3:1708579009.743281" vary Accept-Encoding content-type application/x-javascript cache-control max-age=1800 accept-ranges bytes content-length 72646 expires Thu, 06 Jun 2024 15:20:29 GMT
GET H3	200	widget_app_base_1717143841488.js Show response cdn.userway.org/widgetapp/2024-05-31-08-24-01/	153 KB 44 KB	49ms 26ms	Script application/javascript	2a02:6ea0:c700::22 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2024-05-31-08-24-01/widget_app_base_1717143841488.js Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widget.js Protocol H3 Security QUIC, , AES_256_GCM Server 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 37899059a1a3a5ab139f69619a3d42c6fa873f64bf99ed64a17304060800328e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Origin https://byxz.efasein.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-77-pop frankfurtDE date Thu, 06 Jun 2024 14:50:29 GMT via 1.1 9c8021538470ab47dffa34921d0b4aca.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA56-P10 age 789 x-amz-server-side-encryption AES256 x-accel-date-max 1717144881 x-77-cache HIT x-cache HIT x-age 540548 x-accel-date 1717144881 alt-svc h3=":443"; ma=86400 x-77-nzt EgwB1GY4tAH3hD8IAAwBJRPCNAH3MAAAAA x-accel-expires @1743064833 x-77-age 540548 last-modified Fri, 31 May 2024 08:25:59 GMT server CDN77-Turbo etag W/"5c5f427ab83dd18ed7f2940cc40bfab5" x-77-nzt-ray 6d204d112388d98bb5cc6166b335580a access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public vary Accept-Encoding x-amz-cf-id c8F8XejicrFwvemfWRykcS7VnV0BC7MZxnEcKDXbmVtwSz6yagfV8A==
POST H2	200	YzPciXAG3Q Show response api.userway.org/api/tunings/	278 B 665 B	551ms 186ms	XHR application/json	2600:1f14:5db:eb11:1df0:7a6b:a6bd:4749 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.userway.org/api/tunings/YzPciXAG3Q Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2024-05-31-08-24-01/widget_app_base_1717143841488.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1f14:5db:eb11:1df0:7a6b:a6bd:4749 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 6920344a81d4f232f1fb1a63998f6c9309d123ef55aceea7849431028d852a03 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 06 Jun 2024 14:50:29 GMT etag W/"116-QMMjrzR4YqwOtz8ofwZ9QAxiXBw" access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, PATCH, POST, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * x-service-request-id usrcf4c9efd20a74a8 access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control no-cache, no-store, must-revalidate access-control-allow-headers * content-length 278 x-service-version uw-pr
GET H2	204	choice.js Show response cmp.inmobi.com/choice/PRrmquD1Ggcb1/byxz.efasein.com/	0 438 B	150ms 65ms	XHR text/plain	2600:9000:26db:f400:1b:cadc:ef40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/byxz.efasein.com/choice.js?tag_version=V2 Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2434/fuse.js?_=1717685429027 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:f400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:29 GMT via 1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront) server AmazonS3 x-amz-cf-pop MUC50-P3 access-control-max-age 3000 access-control-allow-methods GET x-cache Miss from cloudfront access-control-allow-origin https://byxz.efasein.com cache-control max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-amz-cf-id EXZZ1tvhtPr3Vq1ivVvOpPNoCdw-0NdbMVFler9--R0ME5TAGZyH7g==
GET H2	200	prebid-be0443b0836bae1bb2a2bfec9e5587a8.js Show response cdn.fuseplatform.net/prebid/	363 KB 112 KB	42ms 40ms	Script application/x-javascript	2a02:26f0:3500:12::1730:1788 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.fuseplatform.net/prebid/prebid-be0443b0836bae1bb2a2bfec9e5587a8.js Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2434/fuse.js?_=1717685429027 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:12::1730:1788 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash afbe04baebd6ec8f8b81fbece950d9b240d857d753b314975ca89d9219f5b114 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:29 GMT content-encoding gzip last-modified Wed, 07 Feb 2024 09:08:47 GMT server AkamaiNetStorage etag "0456fe4651df64d6603ebe166a5f013e:1707296927.113729" vary Accept-Encoding content-type application/x-javascript cache-control max-age=86400000 accept-ranges bytes content-length 114804 expires Wed, 03 Mar 2027 14:50:29 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	305 KB 76 KB	94ms 29ms	Script application/javascript	52.84.198.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2434/fuse.js?_=1717685429027 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.198.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-198-126.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 38ddbe47a6c50552223935c9c5553c3cb17292cfc08b33d4d2c40c45baf2174c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:15:38 GMT content-encoding gzip via 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront), 1.1 89855bc668c2d62d2715c482773d5732.cloudfront.net (CloudFront) last-modified Tue, 28 May 2024 21:30:46 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, MUC50-P5 age 2092 x-amz-server-side-encryption AES256 etag W/"7e37c61c24c4f874b286570f1eebc0ea" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id yTk3AMm8PQRAgpT502YgPnbVvj_nGOrwjcmlKOo-_ZzDEHQilTbEMw==
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	96 KB 30 KB	114ms 71ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2434/fuse.js?_=1717685429027 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8b2547c02df585e17f904271bc812a8ee6114c2164944c0a0b437cd6764415c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:29 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30730 x-xss-protection 0 server cafe etag 629 / 19880 / 31084318 / config-hash: 7974509087986590786 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 06 Jun 2024 14:50:29 GMT
GET H2	200	noconsent Show response cdn.fuseplatform.net/telemetry/	1 B 269 B	122ms 36ms	Fetch text/plain	2a02:26f0:3500:12::1730:1788 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1717685429613&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=5227fc82-65cd-53b3-9cb0-56b6aae0316b&fid=2434&pubid=6&url=https%3A%2F%2Fbyxz.efasein.com%2F&sid=d76f2b406fdec86c5728&srate=100&adserver=gpt&etm=1758&e=fuse-load&tenant=publift&account=organicfacts Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2434/fuse.js?_=1717685429027 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:12::1730:1788 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:29 GMT content-encoding gzip last-modified Wed, 10 Aug 2022 11:31:51 GMT server AkamaiNetStorage etag "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793" vary Accept-Encoding, Accept-Encoding, Origin content-type text/plain access-control-allow-origin https://byxz.efasein.com cache-control max-age=1800 accept-ranges bytes content-length 21 expires Thu, 06 Jun 2024 15:20:29 GMT
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 1 KB	227ms 21ms	XHR application/json	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240606 Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/prebid/prebid-be0443b0836bae1bb2a2bfec9e5587a8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 9a599208c4ee64c0c6ea75a055aed4df48d08fefabdea12a404dca651598ea65 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 06 Jun 2024 14:50:29 GMT x-content-type-options nosniff content-encoding br age 38977 x-jsd-version 1.0.2078 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 827 x-served-by cache-fra-etou8220090-FRA x-jsd-version-type version etag W/"639-j/YVY5wrWJOLsm/vBTK7DCeBOkI" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406050101/	459 KB 143 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406050101/pubads_impl.js?cb=31084318 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 66a26f58e6db53d83ef8b7eeabbd99c41c439347508d4e30a3b4ece1e3fe47c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 10:01:02 GMT content-encoding br x-content-type-options nosniff age 17367 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 146466 x-xss-protection 0 server cafe etag 288610800658649615 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 06 Jun 2025 10:01:02 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	70 B 87 B	96ms 54ms	XHR application/json	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=byxz.efasein.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4937e7d7249c25e9f9452583ab33d0e63cf22dac06e5f41fc08175d84481b941 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:29 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 63 x-xss-protection 0 expires Thu, 06 Jun 2024 14:50:29 GMT
GET H3	200	en-US.json Show response cdn.userway.org/widgetapp/2024-05-31-08-24-01/locales/	621 B 1 KB	22ms 21ms	XHR application/json	2a02:6ea0:c700::22 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2024-05-31-08-24-01/locales/en-US.json Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2024-05-31-08-24-01/widget_app_base_1717143841488.js Protocol H3 Security QUIC, , AES_256_GCM Server 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-77-pop frankfurtDE date Thu, 06 Jun 2024 14:50:29 GMT via 1.1 e66d620a027773b405a4087e80172660.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop BRU50-P1 age 780 x-amz-server-side-encryption AES256 x-accel-date-max 1717144885 x-77-cache HIT x-cache HIT x-age 540544 x-accel-date 1717144885 alt-svc h3=":443"; ma=86400 x-77-nzt EgwB1GY4tAH3gD8IAAwBnJIhJwH3MgAAAA x-accel-expires @1743064835 x-77-age 540544 last-modified Fri, 31 May 2024 08:25:59 GMT server CDN77-Turbo etag W/"85d8c40aac9c25bb0b993d4aa039a56f" x-77-nzt-ray 6d204d1123880da5b5cc61669114aa2d access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type application/json access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public vary Accept-Encoding x-amz-cf-id AmZw613cIv1JeMdP1xVoipWM4kZsUua54SSdTxn6Z11VasbYs8ytaQ==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	87ms 35ms	XHR application/javascript	52.84.198.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.198.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-198-126.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 09:53:41 GMT x-amz-version-id r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE content-encoding gzip via 1.1 c357e4a7404abfefc6d5fb1647246a74.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 age 17809 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 29 Feb 2024 02:13:08 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id X41QdWm1-9JOKUlJLOR4OOpFZZemWA8-sT4JJBQ_Es7u18kKQ-I_xA==
GET H2	200	8b48e249-e9e6-4a52-8b48-396ea93403e8 Show response config.aps.amazon-adsystem.com/configs/	563 B 831 B	193ms 25ms	Script application/javascript	108.138.36.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/8b48e249-e9e6-4a52-8b48-396ea93403e8 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-78.muc50.r.cloudfront.net Software CloudFront / Resource Hash a79086333dd884effafca5b9935e773da7257e25a5b6041fd4fc69e0799325bd Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:24:49 GMT via 1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop MUC50-P2 age 1540 x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 content-length 563 x-amz-cf-id RC_jKqXyjfA2OzxkydefxmWSb7S_TH9fmFteqKO1ObHSmzozWg_aIg==
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	488 B 839 B	127ms 127ms	XHR application/json	52.84.198.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fbyxz.efasein.com&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.198.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-198-126.muc50.r.cloudfront.net Software Server / Resource Hash 90f428eb104131a5f76713300dbbf38dfecf62f53a19ff10c8bb14fe5a2b46b1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:29 GMT via 1.1 89855bc668c2d62d2715c482773d5732.cloudfront.net (CloudFront) server Server x-amz-cf-pop MUC50-P5 x-cache Miss from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin https://byxz.efasein.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true content-length 488 x-amz-cf-id ZquhjU5tzYTAKOsUY14EXjM0LydAicf9nGBtoE9olLBgsYntfF9q9Q==
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/	93 KB 27 KB	93ms 36ms	Script text/javascript	2606:4700:10::6816:3556 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d830a998066b3e15644d716280d1e6bdcef4dcb2c463da234743b7acb8416ed Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:30 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Wed, 08 May 2024 12:31:06 GMT server cloudflare x-amz-request-id Y1WNHRZJC8ZPNPNK age 1252 etag W/"975872beea6fa436507d8a74321584b7" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 88f937118edc9bee-FRA x-amz-id-2 xGCyjisIGNuxa24ZBbubhAFnoNtEUl4RYLrxS1L4jjDpUUxl1x2o9idNnewui62TvtYoxzdHhzI=
GET H2	200	tag Show response btloader.com/	136 KB 36 KB	82ms 33ms	Script application/javascript	2606:4700:10::ac43:293c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?o=5708166709903360&upapi=true Requested by Host: cdn.fuseplatform.net URL: https://cdn.fuseplatform.net/publift/tags/2/2434/fuse.js?_=1717685429027 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94ee62640f59c0bb3bb9c73998296fa58a2e063a3feb845700bae69c502c89af Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:30 GMT content-encoding gzip via 1.1 google cf-cache-status HIT last-modified Thu, 06 Jun 2024 14:01:35 GMT server cloudflare age 2920 etag "9143c00a37b623713acb63440dd604a8" vary Origin, Accept-Encoding content-type application/javascript cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 accept-ranges bytes cf-ray 88f93711ab253838-FRA content-length 36965
GET H2	204	state Show response api.btloader.com/mw/	0 39 B	199ms 138ms	Fetch	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/mw/state?bt_env=prod Requested by Host: btloader.com URL: https://btloader.com/tag?o=5708166709903360&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Thu, 06 Jun 2024 14:50:30 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
POST H2	204	log api.btloader.com/	0 0	194ms 134ms	Fetch	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/log?tid=MMs0StVPE&cv=2.1.45-3-gc22fd9c&sid=5ij2x6GO7C&upapi=true Requested by Host: btloader.com URL: https://btloader.com/tag?o=5708166709903360&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Thu, 06 Jun 2024 14:50:30 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
POST H2	204	log api.btloader.com/	0 0	193ms 133ms	Fetch	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/log?tid=MMs0StVPE&cv=2.1.45-3-gc22fd9c&sid=5ij2x6GO7C&upapi=true Requested by Host: btloader.com URL: https://btloader.com/tag?o=5708166709903360&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Thu, 06 Jun 2024 14:50:30 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
GET H2	200	px.gif ad-delivery.net/	43 B 917 B	96ms 31ms	Image image/gif	2606:4700:20::681a:246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=2 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 232928 x-guploader-uploadid ABPtcPoL0XC8KArbJKu6QSTO5pu3I7XO1ez8eat0_1lzuzKPQaVq7bmvAaf7dM4JhcAllFEoxdxPFL7-Zw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L6iyF8DgoIIcuqSYXIjTpRPXtTczfBdUdth79WHgT%2FeQokTbvB9XJ6yIDfyvlclOqIJwfZxa8Zo9I27YEpLzm9BgYNwLfUC3LYzIp14h5Z2uTzFvi%2Bq4munWMbncre8WEOMufoNwW6LvPm7s4g%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 88f937124f478ecd-FRA expires Mon, 03 Jun 2024 22:33:32 GMT
GET H3	200	favicon.ico ad.doubleclick.net/	1 KB 130 B	63ms 20ms	Image image/x-icon	216.58.206.70 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS tzfraa-aa-in-f6.1e100.net Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 22:12:36 GMT content-encoding gzip x-content-type-options nosniff age 59874 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 104 x-xss-protection 0 last-modified Tue, 08 May 2012 13:08:06 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/x-icon access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Jun 2024 22:12:36 GMT
GET H2	200	px.gif ad-delivery.net/	43 B 344 B	95ms 34ms	Image image/gif	2606:4700:20::681a:246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=1&e=0.7579200901550747 Requested by Host: byxz.efasein.com URL: https://byxz.efasein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 232928 x-guploader-uploadid ABPtcPoL0XC8KArbJKu6QSTO5pu3I7XO1ez8eat0_1lzuzKPQaVq7bmvAaf7dM4JhcAllFEoxdxPFL7-Zw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9x6xYa%2FNTTBQItmNbWgb0hlAGJh96kIZWx%2FWT%2BC3rDcgAR%2FrqZBFN9eD7ykxOy4%2BNQoc2V5nZ1j2FvPss4ioxaRRoVonWxGzMF16oUJciH%2F1mEznDIq3k8GFsIoVkZHw1lB9yonXUcJ%2FdXhWYA%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 88f937124f508ecd-FRA expires Mon, 03 Jun 2024 22:33:32 GMT
POST H2	204	log api.btloader.com/	0 0	134ms 134ms	Fetch	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/log?tid=MMs0StVPE&cv=2.1.45-3-gc22fd9c&sid=5ij2x6GO7C&upapi=true Requested by Host: btloader.com URL: https://btloader.com/tag?o=5708166709903360&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Thu, 06 Jun 2024 14:50:30 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
GET H3	200	favicon-32x32.png byxz.efasein.com/	205 KB 53 KB	231ms 231ms	Other text/html	104.21.92.168 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://byxz.efasein.com/favicon-32x32.png?v2 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.92.168 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 357a6083bdf2565e79767ea6b7ea255a17b895a02c995ada895384a723fca1c5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:30 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1496359 alt-svc h3=":443"; ma=86400 pragma public last-modified Sat, 11 May 2024 16:43:55 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AS1rrAPXo00drzc8GfmyTXhVGXNM7rcj6%2B%2B8sBOQrkXyxhhiTjZppX1aVLTWNgaQ50O8cIiZ36JVhmfglx9GV%2F7ms5aGEzw76X3Vi0gVC2uoXtz%2FLXoRjnbO4z%2FuTxyDZMLU"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control no-cache, public cf-apo-via tcache cf-ray 88f937129dff3a4a-FRA expires Sun, 12 May 2024 16:43:55 GMT
GET H3	200	remediation-tool-free.js Show response cdn.userway.org/remediation/2024-05-31-08-24-01/free/	30 KB 12 KB	21ms 21ms	Script application/javascript	2a02:6ea0:c700::22 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/remediation/2024-05-31-08-24-01/free/remediation-tool-free.js?ts=1717143841488 Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2024-05-31-08-24-01/widget_app_base_1717143841488.js Protocol H3 Security QUIC, , AES_256_GCM Server 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 8d08d1dd39c630e4d21eb69142dbecae7ee1dc9e14176104fe904f1c6a4a9f22 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Origin https://byxz.efasein.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-77-pop frankfurtDE date Thu, 06 Jun 2024 14:50:30 GMT via 1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA56-P10 age 296 x-amz-server-side-encryption AES256 x-accel-date-max 1717144885 x-77-cache HIT x-cache HIT x-age 540545 x-accel-date 1717144885 alt-svc h3=":443"; ma=86400 x-77-nzt EgwB1GY4tAH3gT8IAAwBJRPCLgH3HwIAAA x-accel-expires @1743064342 x-77-age 540545 last-modified Fri, 31 May 2024 08:26:03 GMT server CDN77-Turbo etag W/"1b921e6c8b7e113b7f2fd7fdac537c3e" x-77-nzt-ray 6d204d11238829bcb6cc6166bf251410 access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public vary Accept-Encoding x-amz-cf-id UVhicGcSWQ9Ja06uIm45kc6Zoa1hFYPOqQFd42nhi4QEgGoOYzQ8qA==
GET H2	200	body_wh.svg cdn.userway.org/widgetapp/images/	4 KB 3 KB	21ms 20ms	Image image/svg+xml	2a02:6ea0:c700::22 CDN77 _
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.userway.org/widgetapp/images/body_wh.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-77-pop frankfurtDE date Thu, 06 Jun 2024 14:50:30 GMT via 1.1 9857ab0da41c7a88865f55b9cdc654ac.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop BRU50-P1 age 589 x-amz-server-side-encryption AES256 x-accel-date-max 1717144882 x-77-cache HIT x-cache HIT x-age 540548 x-accel-date 1717144882 alt-svc h3=":443"; ma=86400 x-77-nzt EgwB1GY4tAH3hD8IAAwBnJIhHwH3MgAAAA x-accel-expires @1743064832 x-77-age 540548 last-modified Fri, 22 Mar 2024 12:49:37 GMT server CDN77-Turbo etag W/"1d8b1582fe82bd329041cc1982ad42e4" x-77-nzt-ray 6d204d11ae872687b6cc6166825b9110 access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public vary Accept-Encoding x-amz-cf-id hA6F9PpTVUuZ8d0kXvex_kCkHEH0h1WFetJ9tZUm0tLa6kf100oY_w==
GET H2	200	spin_wh.svg cdn.userway.org/widgetapp/images/	2 KB 1 KB	22ms 22ms	Image image/svg+xml	2a02:6ea0:c700::22 CDN77 _
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.userway.org/widgetapp/images/spin_wh.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-77-pop frankfurtDE date Thu, 06 Jun 2024 14:50:30 GMT via 1.1 098a60d50e7e132c276fd27b94c6212c.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA56-P10 age 587 x-amz-server-side-encryption AES256 x-accel-date-max 1717144881 x-77-cache HIT x-cache HIT x-age 540549 x-accel-date 1717144881 alt-svc h3=":443"; ma=86400 x-77-nzt EgwB1GY4tAH3hT8IAAwB1GY4EQH3MQAAAA x-accel-expires @1743064832 x-77-age 540549 last-modified Fri, 22 Mar 2024 12:49:37 GMT server CDN77-Turbo etag W/"8e0a35946bf39d10f46a1f1653366a0a" x-77-nzt-ray 6d204d11ae872687b6cc61668d579810 access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public vary Accept-Encoding x-amz-cf-id PU1m_M53r4dLVHgqFX7-ISaAB5DwacVuE_BaXXmaOCJFBqrFO2Wixw==
GET H3	200	favicon-16x16.png byxz.efasein.com/	205 KB 52 KB	200ms 199ms	Other text/html	104.21.92.168 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://byxz.efasein.com/favicon-16x16.png?v2 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.92.168 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 357a6083bdf2565e79767ea6b7ea255a17b895a02c995ada895384a723fca1c5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:30 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1496359 alt-svc h3=":443"; ma=86400 pragma public last-modified Sat, 11 May 2024 16:43:55 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MybOvs1u4zOj1skPE3pmiWlSnBsnaMto4Ui%2FZniZ6CGhZttffFwMVuTVVUkd1fi8cAskDlhkaj9%2BxoDj2n98OZNig50FJg4ivx91MZnOLkEZU%2BKBE9m5xs%2F843XXLn3C7UKx"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control no-cache, public cf-apo-via tcache cf-ray 88f93714581f3a4a-FRA expires Sun, 12 May 2024 16:43:55 GMT
GET H3	200	favicon-96x96.png byxz.efasein.com/	205 KB 53 KB	174ms 173ms	Other text/html	104.21.92.168 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://byxz.efasein.com/favicon-96x96.png?v2 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.92.168 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 357a6083bdf2565e79767ea6b7ea255a17b895a02c995ada895384a723fca1c5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:30 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1496359 alt-svc h3=":443"; ma=86400 pragma public last-modified Sat, 11 May 2024 16:43:55 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DL4StdO5JmF5PIFPuZAi9QIDE3YLdDnnJWKnoenzV4oJ6KOUxNu8D9yyIi0dIgKDHqdPZ9kEXMruniMp2xg6%2Fsm%2Fz787lX1Mgxqa8XZP94E%2BuhWWEsobft3meiT9MAKprhQl"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control no-cache, public cf-apo-via tcache cf-ray 88f93715c9b53a4a-FRA expires Sun, 12 May 2024 16:43:55 GMT
GET H3	200	android-icon-192x192.png byxz.efasein.com/	205 KB 52 KB	273ms 273ms	Other text/html	104.21.92.168 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://byxz.efasein.com/android-icon-192x192.png?v2 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.92.168 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 357a6083bdf2565e79767ea6b7ea255a17b895a02c995ada895384a723fca1c5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://byxz.efasein.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 14:50:31 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1496360 alt-svc h3=":443"; ma=86400 pragma public last-modified Sat, 11 May 2024 16:43:55 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F1er4YiAvMFYg92G4O%2FAgk3RnMdw2w%2BtHFpdvNBKhju5Qrlck2QMP0UctGJzkx784qXt6Gn9XCuS1yxf9g%2FLnOGq%2FRHVU9Z6L%2BeoTF%2FBrAGERk%2BXuMsccOveB1YxoWxbruje"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control no-cache, public cf-apo-via tcache cf-ray 88f937170b3a3a4a-FRA expires Sun, 12 May 2024 16:43:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

assets.organicfacts.net

URL

https://assets.organicfacts.net/js/common.min.js?ver=2.5.244

Domain

assets.organicfacts.net

URL

https://assets.organicfacts.net/js/custom.min.js?ver=2.5.244

Domain

www.organicfacts.net

URL

https://www.organicfacts.net/wp-content/plugins/easy-social-share-buttons3/assets/js/essb-mailform.js?ver=3.5

Domain

cdn.dpanda.in

URL

https://cdn.dpanda.in/dpanda-buy-widget.js?_=1717685429026