urlscan.io logo urlscan.io
SecurityTrails logo

www.choiyen.com Open in urlscan Pro
103.6.198.192  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.choiyen.com/
Effective URL: https://www.choiyen.com/
Submission: On April 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 4 countries across 24 domains to perform 66 HTTP transactions. The main IP is 103.6.198.192, located in Petaling Jaya, Malaysia and belongs to EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY. The main domain is www.choiyen.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 18th 2024. Valid for: 3 months.
This is the only time www.choiyen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 103.6.198.192 46015 (EXABYTES-...)
5 35.186.212.79 15169 (GOOGLE)
4 216.58.206.66 15169 (GOOGLE)
1 162.159.134.42 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 2a03:2880:f08... 32934 (FACEBOOK)
2 104.20.95.138 13335 (CLOUDFLAR...)
1 157.240.252.13 32934 (FACEBOOK)
1 23.35.236.201 16625 (AKAMAI-AS)
1 104.18.38.76 13335 (CLOUDFLAR...)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 35.71.131.137 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 51.77.64.70 16276 (OVH)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 2a01:4f8:fff3... 24940 (HETZNER-AS)
1 2607:f350:3:2... 27630 (AS-XFERNET)
1 151.101.193.108 54113 (FASTLY)
1 2 37.252.171.52 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 104.16.87.20 13335 (CLOUDFLAR...)
3 108.138.32.75 16509 (AMAZON-02)
1 108.138.36.78 16509 (AMAZON-02)
1 18.173.191.98 16509 (AMAZON-02)
1 184.30.211.26 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 185.89.208.11 ()
1 37.252.171.85 ()
66 31
19    103.6.198.192 (Petaling Jaya, Malaysia)

ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY)
PTR: stormcaster.mschosting.com
www.choiyen.com
5    35.186.212.79 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 79.212.186.35.bc.googleusercontent.com
bcdn.grmtas.com
4    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f2.1e100.net
pagead2.googlesyndication.com
1    162.159.134.42 (None, )

ASN13335 (CLOUDFLARENET, US)
www.bloggingpro.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
1    2a02:26f0:3100::1735:2878 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
pub-images.gourmetads.com
1    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    104.20.95.138 (None, )

ASN13335 (CLOUDFLARENET, US)
secure.statcounter.com
c.statcounter.com
1    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
1    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2606:4700:20::681a:566 (United States)

ASN13335 (CLOUDFLARENET, US)
cache.consentframework.com
choices.consentframework.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a01:4f8:fff3:10:: (Germany)

ASN24940 (HETZNER-AS, DE)
api.consentframework.com
1    2607:f350:3:2569:0:10:0:200c (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:9000:225b:d000:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
1    104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    108.138.32.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-32-75.muc50.r.cloudfront.net
c.amazon-adsystem.com
1    108.138.36.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-78.muc50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    18.173.191.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-191-98.muc50.r.cloudfront.net
aax.amazon-adsystem.com
1    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    185.89.208.11 (None, )

ASN- ()
prebid.adnxs.com
1    37.252.171.85 (None, )

ASN- ()
ib.adnxs-simple.com
Apex Domain
Subdomains		 Transfer
19 choiyen.com
www.choiyen.com
744 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 142
tpc.googlesyndication.com — Cisco Umbrella Rank: 200
207 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 905
aax.amazon-adsystem.com — Cisco Umbrella Rank: 462
79 KB
5 grmtas.com
bcdn.grmtas.com — Cisco Umbrella Rank: 271922
737 KB
4 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 949
ib.adnxs.com — Cisco Umbrella Rank: 365
prebid.adnxs.com
50 KB
4 consentframework.com
cache.consentframework.com — Cisco Umbrella Rank: 47895
choices.consentframework.com — Cisco Umbrella Rank: 44427
api.consentframework.com — Cisco Umbrella Rank: 45052
126 KB
2 statcounter.com
secure.statcounter.com — Cisco Umbrella Rank: 34131
c.statcounter.com — Cisco Umbrella Rank: 14850
14 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 248
90 KB
2 gstatic.com
encrypted-tbn3.gstatic.com
9 KB
1 adnxs-simple.com
ib.adnxs-simple.com
818 B
1 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1389
27 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1598
17 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 454
2 KB
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 25718
4 KB
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1575
390 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5967
456 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 624
422 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1459
351 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1164
11 KB
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 826
64 KB
1 gourmetads.com
pub-images.gourmetads.com
4 KB
1 bloggingpro.com
www.bloggingpro.com
6 KB
0 amazonaws.com Failed
tint-blog.s3.amazonaws.com Failed
66 24
Domain Requested by
19 www.choiyen.com www.choiyen.com
5 bcdn.grmtas.com www.choiyen.com
bcdn.grmtas.com
4 pagead2.googlesyndication.com www.choiyen.com
pagead2.googlesyndication.com
3 c.amazon-adsystem.com bcdn.grmtas.com
c.amazon-adsystem.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 ib.adnxs.com 1 redirects
2 api.consentframework.com choices.consentframework.com
2 connect.facebook.net www.choiyen.com
connect.facebook.net
2 encrypted-tbn3.gstatic.com www.choiyen.com
1 ib.adnxs-simple.com bcdn.grmtas.com
1 prebid.adnxs.com bcdn.grmtas.com
1 cdn.id5-sync.com www.choiyen.com
1 secure.cdn.fastclick.net www.choiyen.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.jsdelivr.net bcdn.grmtas.com
1 wrappers.geoedge.be bcdn.grmtas.com
1 acdn.adnxs.com bcdn.grmtas.com
1 sync.go.sonobi.com bcdn.grmtas.com
1 www.facebook.com connect.facebook.net
1 pro.ip-api.com bcdn.grmtas.com
1 choices.consentframework.com bcdn.grmtas.com
1 cache.consentframework.com bcdn.grmtas.com
1 match.adsrvr.org js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 js-sec.indexww.com bcdn.grmtas.com
1 ads.pubmatic.com bcdn.grmtas.com
1 c.statcounter.com secure.statcounter.com
1 secure.statcounter.com www.choiyen.com
1 pub-images.gourmetads.com www.choiyen.com
1 www.bloggingpro.com www.choiyen.com
0 tint-blog.s3.amazonaws.com Failed www.choiyen.com
66 32
Subject Issuer Validity Valid
choiyen.com
cPanel, Inc. Certification Authority		 2024-02-18 -
2024-05-18		 3 months crt.sh
bcdn.grmtas.com
Go Daddy Secure Certificate Authority - G2		 2023-04-21 -
2024-05-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
bloggingpro.com
GTS CA 1P5		 2024-03-25 -
2024-06-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-18 -
2024-04-17		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-03		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
consentframework.com
E1		 2024-03-22 -
2024-06-20		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-21 -
2025-01-20		 a year crt.sh
*.consentframework.com
RapidSSL TLS RSA CA G1		 2024-02-19 -
2025-03-20		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
id5-sync.com
E1		 2024-04-06 -
2024-07-05		 3 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2023-05-31 -
2024-06-30		 a year crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018		 2024-02-29 -
2025-03-31		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.choiyen.com/
Frame ID: 67BE4D1F09B01BD2FD34F5C62EA2B310
Requests: 65 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7201596650999381&output=html&adk=1812271804&adf=3025194257&lmt=1712743302&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C128x1080_r&format=0x0&url=https%3A%2F%2Fwww.choiyen.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712743301944&bpp=2&bdt=993&idt=165&shv=r20240408&mjsv=m202404080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2165976362388&frm=20&pv=2&ga_vid=232138658.1712743302&ga_sid=1712743302&ga_hid=1583089026&ga_fc=0&u_tz=120&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95328448%2C31082547%2C95326315%2C95329440%2C31082589%2C95321963&oid=2&pvsid=2535689867852374&tmod=1518221980&uas=0&nvt=1&fsapi=1&fc=1920&brdim=540%2C540%2C540%2C540%2C800%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=175
Frame ID: 918CA3CD129EED56ABEC64F558547BF4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb393117ac40f7d4b%26domain%3Dwww.choiyen.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.choiyen.com%252Ff915c9654866d7226%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=false&height=300&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FMimis-Dining-Room%2F132180366802905&locale=en_US&sdk=joey&show_faces=true&stream=false&width=287
Frame ID: 9B0EEDA45E0D5F7CD0B35D9169511A4A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3B7BAD46CA310D254CA1EE59E3DF6C32
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mimi's Dining Room -

Page URL History Show full URLs

  1. http://www.choiyen.com/ HTTP 307
    https://www.choiyen.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

66
Requests

91 %
HTTPS

33 %
IPv6

24
Domains

32
Subdomains

31
IPs

4
Countries

2205 kB
Transfer

5516 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.choiyen.com/ HTTP 307
    https://www.choiyen.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://ib.adnxs.com/ttj?id=3622488&tv=1712743302767 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fttj%3Fid%3D3622488%26tv%3D1712743302767

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.choiyen.com/
Redirect Chain
  • http://www.choiyen.com/
  • https://www.choiyen.com/
64 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
640736be5e515bb62544ca7272c5fbdaa1ec13289e5068d9a083fbad709a3b81

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Wed, 10 Apr 2024 10:01:40 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.choiyen.com/wp-json/>; rel="https://api.w.org/"
pragma
no-cache
server
Apache

Redirect headers

Location
https://www.choiyen.com/
Non-Authoritative-Reason
HttpsUpgrades
ga_pub_7387.js
bcdn.grmtas.com/pub/ 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bcdn.grmtas.com/pub/ga_pub_7387.js
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.212.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.212.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6bce7a2fe1ae0cf47b38941b4d4650c1f1b95d62bcdac73c2b0efc731b0a2526

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1712714788
x-guploader-uploadid
ABPtcPqIvJtc-1zmbkCQqBmnyPpCwNXXayONMVDbXVBgHr1ZORbYMFF_ri65ouOq42RBaFZX3p-8oPKl8g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12479
last-modified
Wed, 10 Apr 2024 02:16:52 GMT
server
UploadServer
etag
"e62d93686768672b4cfe45e7842a4b4e"
vary
Accept-Encoding
x-goog-generation
1712715412287439
content-type
text/plain
access-control-allow-origin
*
x-goog-hash
crc32c=iNyS4A==, md5=5i2TaGdoZytM/kXnhCpLTg==
access-control-expose-headers
Content-Type
cache-control
private, max-age=0
x-goog-stored-content-length
12479
accept-ranges
bytes
expires
Wed, 10 Apr 2024 10:01:41 GMT
bwp-recent-comments.css
www.choiyen.com/wp-content/plugins/bwp-recent-comments/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/wp-content/plugins/bwp-recent-comments/css/bwp-recent-comments.css?ver=1.2.2
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
10384f0a694f678b510391ea13d9c7dd758775e51ce971137f4b38be130fdd47

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Wed, 06 Nov 2013 08:29:34 GMT
server
Apache
accept-ranges
bytes
content-length
1095
content-type
text/css
custom-fonts.css
www.choiyen.com/wp-content/themes/dynamic-news-lite/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
5e9549dcf4e69eac1bdcde3f6cd80ac2a9e0f46788aaab79c4cf64d4c357e163

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Tue, 23 Aug 2022 08:24:34 GMT
server
Apache
accept-ranges
bytes
content-length
2525
content-type
text/css
style.min.css
www.choiyen.com/wp-includes/css/dist/block-library/ 		111 KB
111 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Wed, 03 Apr 2024 09:32:03 GMT
server
Apache
accept-ranges
bytes
content-length
113381
content-type
text/css
style.css
www.choiyen.com/wp-content/themes/dynamic-news-lite/ 		54 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/wp-content/themes/dynamic-news-lite/style.css?ver=1.6.8
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
ae440f2d11b0118e6eb9f1ad09acdf2010cbdd8eff9d8a736fbc4866881d6ce9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Tue, 23 Aug 2022 08:24:34 GMT
server
Apache
accept-ranges
bytes
content-length
55158
content-type
text/css
genericons.css
www.choiyen.com/wp-content/themes/dynamic-news-lite/css/genericons/ 		28 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/wp-content/themes/dynamic-news-lite/css/genericons/genericons.css?ver=3.4.1
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Tue, 23 Aug 2022 08:24:34 GMT
server
Apache
accept-ranges
bytes
content-length
28266
content-type
text/css
jquery.min.js
www.choiyen.com/wp-includes/js/jquery/ 		86 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Wed, 15 Nov 2023 07:38:40 GMT
server
Apache
accept-ranges
bytes
content-length
87553
content-type
application/javascript
jquery-migrate.min.js
www.choiyen.com/wp-includes/js/jquery/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Wed, 09 Aug 2023 04:32:27 GMT
server
Apache
accept-ranges
bytes
content-length
13577
content-type
application/javascript
navigation.js
www.choiyen.com/wp-content/themes/dynamic-news-lite/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/wp-content/themes/dynamic-news-lite/js/navigation.js?ver=20210324
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
3fdcdfd20f719bd492a121fcd444f0dd6524bb3da0421f42ea8581fc63fcd759

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Tue, 23 Aug 2022 08:24:34 GMT
server
Apache
accept-ranges
bytes
content-length
3699
content-type
application/javascript
sidebar.js
www.choiyen.com/wp-content/themes/dynamic-news-lite/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/wp-content/themes/dynamic-news-lite/js/sidebar.js?ver=20210324
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
d0ee3870dcefaa10fb84c35cc3eecf01760c7743f2906f5ce3fcd47f302ccb22

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Tue, 23 Aug 2022 08:24:34 GMT
server
Apache
accept-ranges
bytes
content-length
2695
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
b63e714a68b719fa808988a250eb0ff0f8b6cdf4ea7f40be6fb10b3699ade533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50970
x-xss-protection
0
server
cafe
etag
3707806303567256510
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 10 Apr 2024 10:01:41 GMT
Banner-2.jpg
www.choiyen.com/wp-content/uploads/2014/12/ 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.choiyen.com/wp-content/uploads/2014/12/Banner-2.jpg
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
89dd5996e01a9615d552719d2a2b02e5afc12623400a8062bd081bcee55baf6a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Mon, 08 Dec 2014 13:52:31 GMT
server
Apache
accept-ranges
bytes
content-length
149700
content-type
image/jpeg
hari-raya-574x280.jpg
www.choiyen.com/wp-content/uploads/2024/04/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.choiyen.com/wp-content/uploads/2024/04/hari-raya-574x280.jpg
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
2e52be90b218036b8d52194bc1f53c459c33bc521c843e98b0a33ec01d60d169

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Tue, 09 Apr 2024 03:44:31 GMT
server
Apache
accept-ranges
bytes
content-length
28787
content-type
image/jpeg
20240303_113611-700x280.jpg
www.choiyen.com/wp-content/uploads/2024/04/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.choiyen.com/wp-content/uploads/2024/04/20240303_113611-700x280.jpg
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
73c359bfdbeddc49dbd6828aa03d4c2894cc39a6f55eca9cf08b80024c32e76b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Mon, 08 Apr 2024 02:51:03 GMT
server
Apache
accept-ranges
bytes
content-length
38287
content-type
image/jpeg
20240127_103748-700x280.jpg
www.choiyen.com/wp-content/uploads/2024/04/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.choiyen.com/wp-content/uploads/2024/04/20240127_103748-700x280.jpg
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
42b6bd897c06bcd17145b85cfdf5b57efa8da02833e940c15546e12043b7eb1f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Thu, 04 Apr 2024 01:52:41 GMT
server
Apache
accept-ranges
bytes
content-length
42379
content-type
image/jpeg
36998a39-eb64-4d39-b8e5-0734129ff576
https://www.choiyen.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.choiyen.com/36998a39-eb64-4d39-b8e5-0734129ff576
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
blogger_logo.png
www.bloggingpro.com/wp-content/uploads/2010/03/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bloggingpro.com/wp-content/uploads/2010/03/blogger_logo.png
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d6d6259191a158359c1ea6784a27188c3befae865a2ce423d4f060fa723fbd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:42 GMT
ki-cache-tag
9815d64d-5e6c-43e4-9278-74837b297e9c,6b1aa10a1433f024194ed02c66d3646322f80475356923a2388ccee8deeb6ec1
cf-cache-status
HIT
ki-edge
v=20.2.7;mv=3.0.6
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
9815d64d-5e6c-43e4-9278-74837b297e9c,6b1aa10a1433f024194ed02c66d3646322f80475356923a2388ccee8deeb6ec1
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
content-length
5547
last-modified
Wed, 23 Feb 2022 20:00:38 GMT
server
cloudflare
etag
"62169266-15ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9C7v6YvJTj9kex41bS%2Fr5%2B37lkEH6O7J1JJJPYulTkK%2FMHBx8z9B5MagHi9SMChcU1TWtcAJMXNuCEbBXbpK8rarxz4Ugl35Hc1bMHPwew7M5EQA%2FbORI54gPos5UR4QQAiw5zI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
8721e5a46dfd2671-TXL
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
images
encrypted-tbn3.gstatic.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/images?q=tbn:ANd9GcSVncikErXRBqBL8pxBqdJaLzS8YMDUg05A9sxsovUYk-nFENRu
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
650a7fb113f52a01b532472273358cd5206567028381cfe876b3b8a34cd29ba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 18:12:10 GMT
x-content-type-options
nosniff
age
56971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1806
x-xss-protection
0
last-modified
Tue, 17 Mar 2020 23:36:01 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 09 Apr 2025 18:12:10 GMT
images
encrypted-tbn3.gstatic.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/images?q=tbn:ANd9GcTQIFiY4ZQFhIlLDWjHoneSUl7N5mmgwuBrtayoSQf7dPGhHBCn
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
301079b0e302b6d863d1bb1151926f1dcc3514990581f02234bece2c5a18b087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 23:36:14 GMT
x-content-type-options
nosniff
age
37527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6970
x-xss-protection
0
last-modified
Thu, 19 Nov 2015 13:37:03 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 09 Apr 2025 23:36:14 GMT
url.jpeg
tint-blog.s3.amazonaws.com/blog/wp-content/uploads/2013/02/ 		0
0
gourmetads-logo.jpg
pub-images.gourmetads.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub-images.gourmetads.com/gourmetads-logo.jpg
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2878 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f58caa0925a17e2607542586345f36a75398b94178fad69de836d59a48fa3638

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 10:01:42 GMT
Origin
https://mycloud.rackspace.com
Last-Modified
Mon, 14 Dec 2015 20:25:38 GMT
ETag
d35950feb3d51fccd8a4fb1d4d9783c9
Content-Type
image/jpeg
X-Timestamp
1450124737.08258
Cache-Control
public, max-age=184999
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3592
X-Trans-Id
txb0f582448a5644198f82c-006611aaceord1
Expires
Fri, 12 Apr 2024 13:25:01 GMT
ga-fixed-widget.js
www.choiyen.com/wp-content/plugins/gourmet-ads/js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/wp-content/plugins/gourmet-ads/js/ga-fixed-widget.js?ver=5.0.4
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
362f55bfac7e37d6ce157ffa07d3afbb733d4715d4fd8b6640b8e62143d38d1e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Thu, 28 Apr 2022 07:00:36 GMT
server
Apache
accept-ranges
bytes
content-length
10440
content-type
application/javascript
all.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4595637d3f203eeb72ae252ca52527fee5cf8b1f582562b4bf42992e44804b7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 Apr 2024 10:01:41 GMT
content-md5
ymbomIAWFHdc1CD+83F1CQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1684
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1326, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
1twJDl55sNxapQ61KadNKw/+pyzLA+a1XohHaOTWkUB2ykny7WyfLyuGuzbC8lO5h6EBVTL8q00VpvcLlTO/CA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
2eacab19532a94042943d81b2a19c61f
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"09f410bf94d1918def8727c44ef676b2"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:13:23 GMT
counter.js
secure.statcounter.com/counter/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.statcounter.com/counter/counter.js
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163f56b3b6e604ea7f6aae49c6f6069fc9626233680d09d8a1034440d93d4ac4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Apr 2024 17:02:52 GMT
server
cloudflare
age
24163
etag
W/"6614233c-8c64"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8721e5a47ba692be-CPH
expires
Wed, 10 Apr 2024 15:18:57 GMT
ubuntu-v11-latin-ext_latin-regular.woff2
www.choiyen.com/wp-content/themes/dynamic-news-lite/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/wp-content/themes/dynamic-news-lite/fonts/ubuntu-v11-latin-ext_latin-regular.woff2
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
9738e74b15ccfde5d94d73c5f7fff840e1c58027b9e4a34c4be6a198ea590daf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Origin
https://www.choiyen.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Tue, 23 Aug 2022 08:24:34 GMT
server
Apache
accept-ranges
bytes
content-length
66640
content-type
font/woff2
francois-one-v11-latin-ext_latin-regular.woff2
www.choiyen.com/wp-content/themes/dynamic-news-lite/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/wp-content/themes/dynamic-news-lite/fonts/francois-one-v11-latin-ext_latin-regular.woff2
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
d850e65552835b3f137b941d741625b693ada871207bc891d501aa16bc12acdb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Origin
https://www.choiyen.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Tue, 23 Aug 2022 08:24:34 GMT
server
Apache
accept-ranges
bytes
content-length
25240
content-type
font/woff2
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

Referer
Origin
https://www.choiyen.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
all.js
connect.facebook.net/en_US/ 		305 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=a646748518194dd46afa71eafeb0ceea
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
c2bc0394740468c0cbcb34bcca3763d77bb82ee35d8007fbbf1e952bf668d89f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
Origin
https://www.choiyen.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 Apr 2024 10:01:41 GMT
content-md5
XtiJR6Y8AO82No0mjJEUBw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88178
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=23, mss=1232, tbw=4300, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
AOYn8xL03WY0RnNsZcR67L+7RYfn+bhxAhqXIj8wgABLk+d4XFNE7hN9NwF6sIMuurstTFo9K/JquwlZOs7x0w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
b128ed0b593f1eff38ab7eb6f24263c6
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"17303f7e329a626a9a29cd7a9da3ba90"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 10 Apr 2025 08:24:57 GMT
t.php
c.statcounter.com/ 		356 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=7132622&u1=3EF155A19F094F0A8DE86DBFEC56C2D7&java=1&security=e574b5d6&sc_snum=1&sess=21e3ea&sc_rum_e_s=2730&sc_rum_e_e=2735&sc_rum_f_s=0&sc_rum_f_e=2728&p=0&pv=10&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=800&h=600&camefrom=&u=https%3A//www.choiyen.com/&t=Mimi%27s%20Dining%20Room%20-&get_config=true
Requested by
Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23299a9686369e6485da85d9855e5acda00d7ef7d9a42d6194e1ae003cd2f4d1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.choiyen.com
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
8721e5a4cc7492be-CPH
expires
Mon, 26 Jul 1997 05:00:00 GMT
noframework.waypoints.min.js
bcdn.grmtas.com/js/waypoints/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bcdn.grmtas.com/js/waypoints/noframework.waypoints.min.js
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/pub/ga_pub_7387.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.212.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.212.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d99da786d5c3a55307054f2d58d8a4c49eac66013cb058aa34a76015b6da4873

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1546454648
x-guploader-uploadid
ABPtcPquK054c5gOjIAELXfxtxVSGNIyxmPT_2hoDCa83qJmSQg6s-cXbRBfCIf3mrFzVmbDbF93JM1YuQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3161
last-modified
Wed, 16 Jan 2019 23:22:57 GMT
server
UploadServer
etag
"f7874bcfa56424aaff1f4220e991a6fb"
vary
Accept-Encoding
x-goog-generation
1547680977243642
content-type
text/plain
content-language
en
x-goog-hash
crc32c=GlW6IQ==, md5=94dLz6VkJKr/H0Ig6ZGm+w==
access-control-expose-headers
Content-Type
cache-control
private, max-age=0
x-goog-stored-content-length
3161
access-control-allow-origin
*
accept-ranges
bytes
expires
Wed, 10 Apr 2024 10:01:41 GMT
wp-emoji-release.min.js
www.choiyen.com/wp-includes/js/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
last-modified
Wed, 03 Apr 2024 09:32:28 GMT
server
Apache
accept-ranges
bytes
content-length
18726
content-type
application/javascript
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404080101/ 		408 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7201596650999381&plah=www.choiyen.com&aplac=true&bust=31082589
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
796bc9aa24c6235ec0c511c0534db26cd0ac814e16f04f8f947926b2b0819f67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141581
x-xss-protection
0
server
cafe
etag
3792690126991113493
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:01:41 GMT
truncated
/ 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c44d4c61c3d00d2c66191c5be0fd8b4fbf9a7ee76ebe519e9466c4dc3ee0b77

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
pwt.js
ads.pubmatic.com/AdServer/js/pwt/99931/2388/ 		211 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/99931/2388/pwt.js
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/pub/ga_pub_7387.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
419acc05041fbad2d5eafefbd789ce0cbebfe938c625a0ba9b8a3762d09aac00

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:42 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:26:22 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=87960
accept-ranges
bytes
content-length
65250
expires
Thu, 11 Apr 2024 10:27:42 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame 918C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7201596650999381&output=html&adk=1812271804&adf=3025194257&lmt=1712743302&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C128x1080_r&format=0x0&url=https%3A%2F%2Fwww.choiyen.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712743301944&bpp=2&bdt=993&idt=165&shv=r20240408&mjsv=m202404080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2165976362388&frm=20&pv=2&ga_vid=232138658.1712743302&ga_sid=1712743302&ga_hid=1583089026&ga_fc=0&u_tz=120&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95328448%2C31082547%2C95326315%2C95329440%2C31082589%2C95321963&oid=2&pvsid=2535689867852374&tmod=1518221980&uas=0&nvt=1&fsapi=1&fc=1920&brdim=540%2C540%2C540%2C540%2C800%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=175
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7201596650999381&plah=www.choiyen.com&aplac=true&bust=31082589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.choiyen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Apr 2024 10:01:42 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
184268-232459109157499.js
js-sec.indexww.com/ht/p/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184268-232459109157499.js
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/pub/ga_pub_7387.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d64e0d0b86294b43791f26f9062a3b39319c6034dffc2273a2a5ed0451313db2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 10 Apr 2024 09:55:04 GMT
server
cloudflare
age
217
etag
W/"da15fe-7e27-615bb0864b9da"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
8721e5a75a5a58ea-TXL
expires
Wed, 10 Apr 2024 14:01:42 GMT
identity
api.rlcdn.com/api/ 		44 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184268-232459109157499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Apr 2024 10:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.choiyen.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		63 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184268
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184268-232459109157499.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
6992448796d5dd031ae394eacaba87e59122065c3bc38b5598059e34d8baa805

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Apr 2024 10:01:42 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.choiyen.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 10 May 2024 10:01:42 GMT
inview.min.js
bcdn.grmtas.com/js/waypoints/ 		2 KB
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bcdn.grmtas.com/js/waypoints/inview.min.js
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/pub/ga_pub_7387.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.212.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.212.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5cc35f906e426a1ebd5acc6a1c5dd979ae9dd38918050f635597692457dfd294

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:42 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1546454687
x-guploader-uploadid
ABPtcPrbnflAcgb9wz456-ereAseuGN_muyJOUBYrXwfteEFEuJBA6nL00X0kUIIQRTe0H4JyEUnyCGZNw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
702
last-modified
Wed, 16 Jan 2019 23:22:57 GMT
server
UploadServer
etag
"3309520b9ee2db3732f95975de472981"
vary
Accept-Encoding
x-goog-generation
1547680977239734
content-type
text/plain
content-language
en
x-goog-hash
crc32c=hK2mnw==, md5=MwlSC57i2zcy+Vl13kcpgQ==
access-control-expose-headers
Content-Type
cache-control
private, max-age=0
x-goog-stored-content-length
702
access-control-allow-origin
*
accept-ranges
bytes
expires
Wed, 10 Apr 2024 10:01:42 GMT
stub
cache.consentframework.com/js/pa/22599/c/I7CcP/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cache.consentframework.com/js/pa/22599/c/I7CcP/stub
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/pub/ga_pub_7387.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79f700bab989c44c6f5534cbd496b8eb871026638f0710a499759323281d671f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Apr 2024 08:50:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1579
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bbO%2BSU7A6okO%2FBRSOCd3%2Bhzxr8%2FJy%2BAe6lU5zEFEBHRrau6mRiMeyj6jzCBgZ5QYXnRbVax4sniPDxqYlkqb5qVpSrcgrrzBNe0wlYSawPg%2Bs8c5U0lKhTTiO40YFrr0KgN3ZQtX1VVwRGsa1VxaVlgfX6VG1irb"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
cf-ray
8721e5a92a003656-FRA
cmp
choices.consentframework.com/js/pa/22599/c/I7CcP/ 		643 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.consentframework.com/js/pa/22599/c/I7CcP/cmp
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/pub/ga_pub_7387.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43e318a72f153c851de316285702b4ea9fbd2872be5e963b68720aefa0445fed
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Apr 2024 08:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1027
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OTyBsrzxq2GLlb3GVvDaJDycuYgLgHMbtBgcFxbyR6k7DrVLKt9X8tHaA%2BSlGQLPqHLVJ%2FORyx5%2BVVh1Y5ISibn1bGdx53Twux%2Bcb4pvUHBc5x4YEDKY1fA582Fy3OtdTOs8aO5ZbUZYnu0376%2FH2DtGbF97%2FeAR%2Be8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
cf-ray
8721e5a92e278f41-FRA
/
pro.ip-api.com/json/ 		300 B
456 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?key=VtYyGsHwqmIqRlx
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/pub/ga_pub_7387.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
7c77f9e99404e31af22841057ff91dd62d75bd8c77eb13454529f8c9d4f84322

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 10 Apr 2024 10:01:42 GMT
Content-Length
300
Content-Type
application/json; charset=utf-8
like_box.php
www.facebook.com/plugins/ Frame 9B0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb393117ac40f7d4b%26domain%3Dwww.choiyen.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.choiyen.com%252Ff915c9654866d7226%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=false&height=300&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FMimis-Dining-Room%2F132180366802905&locale=en_US&sdk=joey&show_faces=true&stream=false&width=287
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=a646748518194dd46afa71eafeb0ceea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.choiyen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Apr 2024 10:01:42 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=10, mss=1326, tbw=2775, tp=-1, tpl=-1, uplat=164, ullat=0
x-fb-debug
+8L05yZd2qabZHi9LmszFPWQ6Ou0R8mmN/WiIIza6qIlOCnSAQqM527Nvo5HpWBCsOf2fmYLQCBEn/HdPXRJdQ==
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240408&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7201596650999381&plah=www.choiyen.com&aplac=true&bust=31082589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
6daf20d913943295ac3655b1c21782980f54005248549496607db851b7afa623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12304
x-xss-protection
0
consent-string
api.consentframework.com/api/v1/public/ 		400 B
735 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.consentframework.com/api/v1/public/consent-string
Requested by
Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/22599/c/I7CcP/cmp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:fff3:10:: , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
/
Resource Hash
6196e48b5185ec8d0ce98588e778a8242786ad5c1ba7cfe258a9b15257790114
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 10 Apr 2024 10:01:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.choiyen.com
Cache-Control
no-store
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
400
user-action
api.consentframework.com/api/v1/public/ 		0
286 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.consentframework.com/api/v1/public/user-action
Requested by
Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/22599/c/I7CcP/cmp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:fff3:10:: , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.choiyen.com
Date
Wed, 10 Apr 2024 10:01:42 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
0
uc.js
sync.go.sonobi.com/ 		0
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.js?pubid=a8f851cb57
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/pub/ga_pub_7387.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 10:01:43 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-30
content-type
text/javascript
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
ast.js
acdn.adnxs.com/ast/ 		122 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/pub/ga_pub_7387.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
97711cf6d03d55d6dfa7ba68473b2d0d3c64c963463100f87f6792a4d0d080c1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
Wed, 14 Feb 2024 18:28:30 GMT
Date
Wed, 10 Apr 2024 10:01:42 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
55883
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
41982
X-Served-By
cache-lga21942-LGA, cache-fra-eddf8230049-FRA
Last-Modified
Tue, 13 Feb 2024 18:28:18 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1712743303.845877,VS0,VE0
ETag
W/"65cbb4c2-1e942"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
71173, 16377
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/ttj?id=3622488&tv=1712743302767
  • https://ib.adnxs.com/bounce?%2Fttj%3Fid%3D3622488%26tv%3D1712743302767
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fttj%3Fid%3D3622488%26tv%3D1712743302767
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.choiyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 10:01:42 GMT
content-encoding
gzip
an-x-request-uuid
17dd7c6c-51da-4d9d-bb2d-399ee56b0431
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.225; 193.32.248.225; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Apr 2024 10:01:42 GMT
an-x-request-uuid
3e825005-4ab1-4f3d-81bd-434477f080ee
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ib.adnxs.com/bounce?%2Fttj%3Fid%3D3622488%26tv%3D1712743302767
x-proxy-origin
193.32.248.225; 193.32.248.225; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid_v7_gourmetads_ga.js
bcdn.grmtas.com/js/ 		2 MB
718 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bcdn.grmtas.com/js/prebid_v7_gourmetads_ga.js
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/pub/ga_pub_7387.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.212.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.212.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
18ecb18038f269af18f116add28d5f76a8110a57160d1e21fd109157a707cd2e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:42 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1681493060
x-guploader-uploadid
ABPtcPpe6qQ4P5-Qwp0_GBHZOZBaPF5xTYX-uJD4y39JLMKPp2KPSaBNuVTgnE4YHoEU7tlx3XI8qkhgbw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
735545
last-modified
Fri, 14 Apr 2023 17:24:39 GMT
server
UploadServer
etag
"a839b5ae21244418145f9de26f0124f0"
vary
Accept-Encoding
x-goog-generation
1681493079706324
content-type
text/plain
content-language
en
x-goog-hash
crc32c=j4MMYg==, md5=qDm1riEkRBgUX53ibwEk8A==
access-control-expose-headers
Content-Type
cache-control
private, max-age=0
x-goog-stored-content-length
735545
access-control-allow-origin
*
accept-ranges
bytes
expires
Wed, 10 Apr 2024 10:01:42 GMT
flex_close.png
bcdn.grmtas.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcdn.grmtas.com/images/flex_close.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.212.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.212.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
180e08ed458e9dfc45ce74fa412ffd40d449555aa1ecec30c588c11cef8689b1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:42 GMT
x-goog-meta-goog-reserved-file-mtime
1513711970
x-guploader-uploadid
ABPtcPryPokN-AYJKCKq7NHNy0JS2VozDv0nS-00bYY4z1VhPyHS9KFNDMr9xr7-UtbHMeE-pVkngmPf8Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1689
last-modified
Tue, 19 Dec 2017 19:33:11 GMT
server
UploadServer
etag
"f651f3fa3976f740375dda307c2e7362"
x-goog-generation
1513711991987052
content-type
image/png
content-language
en
x-goog-hash
crc32c=PCEBUg==, md5=9lHz+jl290A3XdowfC5zYg==
access-control-expose-headers
Content-Type
cache-control
private, max-age=0, no-transform
x-goog-stored-content-length
1689
access-control-allow-origin
*
accept-ranges
bytes
expires
Wed, 10 Apr 2024 10:01:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7201596650999381&plah=www.choiyen.com&aplac=true&bust=31082589
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Apr 2024 10:01:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3B7B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.choiyen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
4055
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Apr 2024 08:54:08 GMT
expires
Thu, 10 Apr 2025 08:54:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
wrapper.html
wrappers.geoedge.be/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/js/prebid_v7_gourmetads_ga.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:d000:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
date
Wed, 10 Apr 2024 01:05:14 GMT
via
1.1 c414bd1a4ce7ace94cbfdfa8efcbe5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
60215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3527
last-modified
Tue, 19 Dec 2023 13:15:23 GMT
server
AmazonS3
etag
"6a6d57dbabaa297544a761a67d32156f"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
UGqSu6GfnXqbEmaHGar1pBDCe50dXy9Q0CcuoIOe4GJ72fAWsimasQ==
freewheel-mapping.json
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ 		14 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/js/prebid_v7_gourmetads_ga.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Apr 2024 10:01:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17132
x-jsd-version
1.0.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1162
x-served-by
cache-fra-eddf8230153-FRA, cache-lga21982-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Dauz1tme3CozEzXCtt7UqpGWAW0xbvyJPZDKzzewr5uhHlw%2BYP0X4PXrigKnw80ldGRgvQV2zAdaP4%2FqhI9Jf5G6zAH9JEWav12z6HqJ5I%2F6miVsHXRNmi0ebhCbgRYQZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8721e5adc816bff3-WAW
apstag.js
c.amazon-adsystem.com/aax2/ 		298 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/pub/ga_pub_7387.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-75.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 09:55:56 GMT
content-encoding
gzip
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
last-modified
Wed, 27 Mar 2024 15:16:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P2
age
348
etag
W/"4f9091ca1740c69dd8d2e945b57ade3e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
iGRhxKdqc4_ZVQ6ndUZOLPkm3eD1wnxCkft0-ynzdOkgsRhHCxxvsA==
00bcac36-1a3a-4676-8c13-9c85990e44dc
config.aps.amazon-adsystem.com/configs/ 		563 B
828 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/00bcac36-1a3a-4676-8c13-9c85990e44dc
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-78.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
200cd1f230ed050671b92a4d62b071a947c7398139b5f6e069faa67babc6029e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 09:26:05 GMT
via
1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
age
2138
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
_p9s0F-3gtq1LSFHl4okTdbMHppSGpUBo_F3Zlo2jfk7RUJmB8Sang==
config
c.amazon-adsystem.com/cdn/prod/ 		790 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.choiyen.com&pubid=00bcac36-1a3a-4676-8c13-9c85990e44dc
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-75.muc50.r.cloudfront.net
Software
Server /
Resource Hash
f34b974283f619454b19c7b221dda2df5d3e0e658b61123e95fdbeb91a8c312d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:43 GMT
via
1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.choiyen.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
790
x-amz-cf-id
2lh1ILhF6hAtZqSPNO-BAl3nFco9_rjHqLs6k9EF0HbdM12EJGO48Q==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.choiyen.com%2F&pid=4Z7bRCVQqVsay&cb=0&ws=1600x1200&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22ga_11661513%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22ga_11721962%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22ga_11721966%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x1050%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%7D%2C%7B%22sd%22%3A%22ga_11721963%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ga_11721965%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ga_29510653%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ga_21737799%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!gourmetads.com%2C7387%2C1%2C%2C%2C&pubid=00bcac36-1a3a-4676-8c13-9c85990e44dc&gdpre=1&gdprc=CP82mEAP82mEABcAJBENAvEgAAAAAEPgAAYgIyQAARkgwAAIgAUABcADgAPAAqABcADgAHgAQAAkABfADEAMoAaABqADwAH4ARAAmQBSAFMAKsAXABdADEAGgAN4AfgBCACGgEQARIAjgBLACaAFGAMAAYYAywBmgDRAGyAOQAc4A-IB9gH7AP8BAICDgIQARGAiwCMAEagI4AjoBIgCSgE_AKgAVcAsQBcwC6gF5AL6AYoAz4BogDXgG0ANwAccA6QB2wD7AH_AQgAiYBF4CPQEiAJWATFAmQCZQE7AKHgUgBSICkwFSAKsAVkAruBYgFigLRgWwBbIC3QFyALoAXaAu-BeQF5gL6AYIAwYBkgAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.191.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-191-98.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:43 GMT
via
1.1 e962a4214db0639b31056a5ae4bf22f4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.choiyen.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ENCO0kw6lyBq-f3swqltQn9gYpgclygf3tADxQNOWYZZifepbDpbRA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-75.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 10:01:44 GMT
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
l3sCWuaHXLe-ldCvOmiQu_eL28b1uNY7nmObHfADPrTZ_rXwU-Mx1g==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:43 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 10 Apr 2024 10:16:43 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		92 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.choiyen.com
URL: https://www.choiyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80e66296a0e785e3cc19809ed93b74703d7e768c03d2eada3badca52dd27ef64
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Mar 2024 11:38:58 GMT
server
cloudflare
x-amz-request-id
8ZMYGB37FC0ZZWX2
age
1705
etag
W/"f162f0b97c89da6502a32c3c1206d74e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8721e5b03e65abe4-CPH
x-amz-id-2
lUqczRIp5Sz1AudHwTxQ97SZxSBmBfPVfydcJ+B2H+IdpWqef7RrsCK3b5DVl2BbyH90K9saBuQ=
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
imageedit_2_3521943642-75x75.png
www.choiyen.com/wp-content/uploads/2021/10/ 		6 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.choiyen.com/wp-content/uploads/2021/10/imageedit_2_3521943642-75x75.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.6.198.192 Petaling Jaya, Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
stormcaster.mschosting.com
Software
Apache /
Resource Hash
a6d697e3e29d80e01b92c0b7e6ece701760b8ba39973b630fe28d8502d781f8a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 10:01:44 GMT
last-modified
Thu, 28 Oct 2021 08:05:47 GMT
server
Apache
accept-ranges
bytes
content-length
6068
content-type
image/png
cookie_sync
prebid.adnxs.com/pbs/v1/ 		35 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/js/prebid_v7_gourmetads_ga.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 -, , ASN (),
Reverse DNS
Software
nginx/1.25.1 /
Resource Hash
75b92654d45f683273e02e748af77df0a1e8dd57b3a11ec884b9e0d0211bde77

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Apr 2024 10:01:47 GMT
Server
nginx/1.25.1
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.choiyen.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
35
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		0
0
prebid
ib.adnxs-simple.com/ut/v3/ 		248 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: bcdn.grmtas.com
URL: https://bcdn.grmtas.com/js/prebid_v7_gourmetads_ga.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 -, , ASN (),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
857295c2465ac7680c79095ce0624adb7d5a2b96450a1e5fdbf79574b5d3ccc5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.choiyen.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 10:01:47 GMT
an-x-request-uuid
5676134e-b25f-47e5-bae9-95e3d2a33b2f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.choiyen.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.225; 193.32.248.225; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs-simple.com
content-length
248
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tint-blog.s3.amazonaws.com
URL
https://tint-blog.s3.amazonaws.com/blog/wp-content/uploads/2013/02/url.jpeg
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240408&jk=2535689867852374&bg=!Pj2lPXLNAAbi8lI9wvI7ADQBe5WfOOxkKjsT-I_-e_sTfrOtd2jy6_9JNW9K4AhYU65Yu_3aNgvEsjWMJGDWNNYK3V8CAgAAACBSAAAAAmgBB34ANZE6NSwMsfnGqlVRhwVJs5ad5rX9e_v41kB8MlzMZyghjrS9qcqHRJ9GKcLiMsk6SDdHQOEdCgAIWWKmMtYPsO-ZApfajcWTM765_EUd-SZSL-jNmXCocF67v_IXA1ey9d8ElhnDoLQGos9txKxgXAgnfKM4FOdMwPDTLdKkpkJccbA73QVGu10iWfYlQrurIR7Eubq0xjMUoT5l5L2IgWR-chlAHUQii2b3EWcY9cqxcakBW8xVJhz5VZquDIruZ1eGgKCrRs2LHlIt2-LeD3aroYG2-xR1s7rcMZb4fx_8tO0RuTdsPEFbdkeVN60cN3jdn1OaItTB_-meA8u6qzHTjOQ_uaIxYa7qfWT1Nq6CzdDxTmv-ka6MObg9oh18FJfaxSC8wnFM1PiVYwB1Q-qEKWn9Aph2rKR7fbZERb1OpuUJaa5pG2MDYMi6b3f3R7hR9-L4_LQPZdobGLaVHeM3hNOCkk8EGBT-Hrc824qSeh9fowmJTYGITqZlVCK5THhRKa3dmZROIZirM4mcS5Gv_JmzxBIhoPu8omlGBCnh9F5wfnScU8S4fmH65k2YD2_A0Fm60FDdpGZuxMElP8r3T3vRWitcKwJyPLcy7bB1XTg376N8frFuc2V1QfxJ3cCRZOz9NMTdzHSjacuP_meoSOcoUcH6nnaLz001dXOPh2rhBsn60DAmN2-bZoWOxabSEp_LW8TPUM4wAxNc8wqN2FcfamNNSFsJKcsmJrW1vsZh1tugORL5DGhdqK7Gbc4DHHCvGrtPkNV6dTcNMHx36UFtX3ZBeBJdQLkvrtzm1UtE6ikflcXoTbl0z8_V3DsvRNqxvxN1Iwo2MX3juWOcLYI2mdlpqdx06JVk9DW-HnzJc-uEhhj9bUiYbxS96OKkNtNCF8yPjgkHQABiepNsDz06vRahbWoYy0pB78HeGTjUlNRucA96vSLandHVwrJBLZ0gq8lyjIM
Domain
prebid.adnxs.com
URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue undefined| $ function| jQuery object| dynamicnews_menu_title object| dynamicnews_sidebar_title function| fbAsyncInit number| sc_project string| sc_security string| scJsHost object| FB function| _statcounter number| ga_sidebar_remove_fixed function| ga_sidebar_init function| ga_exclude_mutations_array function| ga_sidebar string| bts function| getUrlVars function| getUrlParam function| debugTurnedOn function| ga_logd function| skip_iaba boolean| ast_uid_done object| ga_ast_uid_a boolean| do_cmp object| the_amazon_bid object| ga_pa object| ga_placements string| IABA_closed object| ga_gdpr_enforced object| ga_short_geo object| firstScript function| ga_adhesion_hide object| ga_eiv object| ga_actual_targets function| ga_wp function| ga_logMessage function| ga_log function| ga_logInfo function| ga_logWarn function| ga_logError object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| __buffer function| Waypoint object| ga_pbjs object| twemoji object| wp function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| PWT object| headertag function| __sdcmpapi function| __tcfapi object| SDDAN object| regeneratorRuntime object| Sddan object| dataLayer object| j object| bar object| apntag string| waypointContextKey object| GoogleGcLKhOms object| ga_pbjsChunk object| aax object| ADAGIO object| invibes object| mnet object| mnjs string| nobidVersion object| nobid object| OneKey object| top1 object| realvu_aa_fifo object| realvu_aa number| boost_poll object| apstag object| _aps boolean| apstagLOADED object| apscustom object| __id5_finalization_registry object| ID5 object| uids_found object| google_image_requests object| PublisherCommonId

10 Cookies

Domain/Path Name / Value
www.choiyen.com/ Name: PHPSESSID
Value: 4fd7ceaca28e668b96fbf1450e14adb4
.choiyen.com/ Name: sc_is_visitor_unique
Value: rx7132622.1712743302.3EF155A19F094F0A8DE86DBFEC56C2D7.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc7132622.1712743301.0
www.choiyen.com/ Name: ga_cookie_state
Value: BE
www.choiyen.com/ Name: ga_cookie_geo
Value:
.adnxs.com/ Name: XANDR_PANID
Value: 5xEy0t_kYSt_oZUVke3lKGHfH9pKx3FRJ1DUkf0ICHa5K11D00d_QNYbr54vW05ESIfN2znwEMGUuMN401hRKZ7fgeSvrnzQY2Eg0KBU8Vg.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 3144238887305193833
.go.sonobi.com/ Name: HAPLB8G
Value: s8530|ZhZji
www.choiyen.com/ Name: _pbjs_userid_consent_data
Value: 6235298011792050

18 Console Messages

Source Level URL
Text
security warning URL: https://www.choiyen.com/
Message:
Mixed Content: The page at 'https://www.choiyen.com/' was loaded over HTTPS, but requested an insecure element 'http://www.bloggingpro.com/wp-content/uploads/2010/03/blogger_logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.choiyen.com/
Message:
Mixed Content: The page at 'https://www.choiyen.com/' was loaded over HTTPS, but requested an insecure element 'http://tint-blog.s3.amazonaws.com/blog/wp-content/uploads/2013/02/url.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.choiyen.com/
Message:
Mixed Content: The page at 'https://www.choiyen.com/' was loaded over HTTPS, but requested an insecure element 'http://pub-images.gourmetads.com/gourmetads-logo.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.choiyen.com/(Line 650)
Message:
Mixed Content: The page at 'https://www.choiyen.com/' was loaded over HTTPS, but requested an insecure element 'http://www.bloggingpro.com/wp-content/uploads/2010/03/blogger_logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.choiyen.com/(Line 650)
Message:
Mixed Content: The page at 'https://www.choiyen.com/' was loaded over HTTPS, but requested an insecure element 'http://tint-blog.s3.amazonaws.com/blog/wp-content/uploads/2013/02/url.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.choiyen.com/(Line 786)
Message:
Mixed Content: The page at 'https://www.choiyen.com/' was loaded over HTTPS, but requested an insecure element 'http://pub-images.gourmetads.com/gourmetads-logo.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://www.choiyen.com/(Line 849)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.choiyen.com/(Line 849)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://www.choiyen.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://www.choiyen.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.choiyen.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.choiyen.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.choiyen.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.choiyen.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://www.choiyen.com/
Message:
Access to XMLHttpRequest at 'https://prebid.adnxs.com/pbs/v1/openrtb2/auction' from origin 'https://www.choiyen.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://www.choiyen.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
api.consentframework.com
api.rlcdn.com
bcdn.grmtas.com
c.amazon-adsystem.com
c.statcounter.com
cache.consentframework.com
cdn.id5-sync.com
cdn.jsdelivr.net
choices.consentframework.com
config.aps.amazon-adsystem.com
connect.facebook.net
encrypted-tbn3.gstatic.com
ib.adnxs-simple.com
ib.adnxs.com
js-sec.indexww.com
match.adsrvr.org
pagead2.googlesyndication.com
prebid.adnxs.com
pro.ip-api.com
pub-images.gourmetads.com
secure.cdn.fastclick.net
secure.statcounter.com
sync.go.sonobi.com
tint-blog.s3.amazonaws.com
tpc.googlesyndication.com
wrappers.geoedge.be
www.bloggingpro.com
www.choiyen.com
www.facebook.com
pagead2.googlesyndication.com
prebid.adnxs.com
tint-blog.s3.amazonaws.com
103.6.198.192
104.16.87.20
104.18.38.76
104.20.95.138
108.138.32.75
108.138.36.78
151.101.193.108
157.240.252.13
162.159.134.42
18.173.191.98
184.30.211.26
185.89.208.11
216.58.206.66
23.35.236.201
2600:9000:225b:d000:2:d490:4d80:93a1
2606:4700:10::6816:3556
2606:4700:20::681a:566
2607:f350:3:2569:0:10:0:200c
2a00:1450:4001:806::200e
2a00:1450:4001:809::2001
2a01:4f8:fff3:10::
2a02:26f0:3100::1735:2878
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.120.133.55
35.186.212.79
35.71.131.137
37.252.171.52
37.252.171.85
51.77.64.70
01d6d6259191a158359c1ea6784a27188c3befae865a2ce423d4f060fa723fbd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a
10384f0a694f678b510391ea13d9c7dd758775e51ce971137f4b38be130fdd47
163f56b3b6e604ea7f6aae49c6f6069fc9626233680d09d8a1034440d93d4ac4
180e08ed458e9dfc45ce74fa412ffd40d449555aa1ecec30c588c11cef8689b1
18ecb18038f269af18f116add28d5f76a8110a57160d1e21fd109157a707cd2e
200cd1f230ed050671b92a4d62b071a947c7398139b5f6e069faa67babc6029e
23299a9686369e6485da85d9855e5acda00d7ef7d9a42d6194e1ae003cd2f4d1
2e52be90b218036b8d52194bc1f53c459c33bc521c843e98b0a33ec01d60d169
301079b0e302b6d863d1bb1151926f1dcc3514990581f02234bece2c5a18b087
362f55bfac7e37d6ce157ffa07d3afbb733d4715d4fd8b6640b8e62143d38d1e
3fdcdfd20f719bd492a121fcd444f0dd6524bb3da0421f42ea8581fc63fcd759
419acc05041fbad2d5eafefbd789ce0cbebfe938c625a0ba9b8a3762d09aac00
42b6bd897c06bcd17145b85cfdf5b57efa8da02833e940c15546e12043b7eb1f
43e318a72f153c851de316285702b4ea9fbd2872be5e963b68720aefa0445fed
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4595637d3f203eeb72ae252ca52527fee5cf8b1f582562b4bf42992e44804b7e
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5cc35f906e426a1ebd5acc6a1c5dd979ae9dd38918050f635597692457dfd294
5e9549dcf4e69eac1bdcde3f6cd80ac2a9e0f46788aaab79c4cf64d4c357e163
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
6196e48b5185ec8d0ce98588e778a8242786ad5c1ba7cfe258a9b15257790114
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
640736be5e515bb62544ca7272c5fbdaa1ec13289e5068d9a083fbad709a3b81
650a7fb113f52a01b532472273358cd5206567028381cfe876b3b8a34cd29ba1
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2
6992448796d5dd031ae394eacaba87e59122065c3bc38b5598059e34d8baa805
6bce7a2fe1ae0cf47b38941b4d4650c1f1b95d62bcdac73c2b0efc731b0a2526
6c44d4c61c3d00d2c66191c5be0fd8b4fbf9a7ee76ebe519e9466c4dc3ee0b77
6daf20d913943295ac3655b1c21782980f54005248549496607db851b7afa623
73c359bfdbeddc49dbd6828aa03d4c2894cc39a6f55eca9cf08b80024c32e76b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75b92654d45f683273e02e748af77df0a1e8dd57b3a11ec884b9e0d0211bde77
796bc9aa24c6235ec0c511c0534db26cd0ac814e16f04f8f947926b2b0819f67
79f700bab989c44c6f5534cbd496b8eb871026638f0710a499759323281d671f
7c77f9e99404e31af22841057ff91dd62d75bd8c77eb13454529f8c9d4f84322
80e66296a0e785e3cc19809ed93b74703d7e768c03d2eada3badca52dd27ef64
857295c2465ac7680c79095ce0624adb7d5a2b96450a1e5fdbf79574b5d3ccc5
89dd5996e01a9615d552719d2a2b02e5afc12623400a8062bd081bcee55baf6a
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
9738e74b15ccfde5d94d73c5f7fff840e1c58027b9e4a34c4be6a198ea590daf
97711cf6d03d55d6dfa7ba68473b2d0d3c64c963463100f87f6792a4d0d080c1
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a6d697e3e29d80e01b92c0b7e6ece701760b8ba39973b630fe28d8502d781f8a
ae440f2d11b0118e6eb9f1ad09acdf2010cbdd8eff9d8a736fbc4866881d6ce9
b63e714a68b719fa808988a250eb0ff0f8b6cdf4ea7f40be6fb10b3699ade533
c2bc0394740468c0cbcb34bcca3763d77bb82ee35d8007fbbf1e952bf668d89f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d0ee3870dcefaa10fb84c35cc3eecf01760c7743f2906f5ce3fcd47f302ccb22
d64e0d0b86294b43791f26f9062a3b39319c6034dffc2273a2a5ed0451313db2
d850e65552835b3f137b941d741625b693ada871207bc891d501aa16bc12acdb
d99da786d5c3a55307054f2d58d8a4c49eac66013cb058aa34a76015b6da4873
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f34b974283f619454b19c7b221dda2df5d3e0e658b61123e95fdbeb91a8c312d
f58caa0925a17e2607542586345f36a75398b94178fad69de836d59a48fa3638