urlscan.io logo urlscan.io
SecurityTrails logo

blog.paleohacks.com Open in urlscan Pro
2606:4700:10::6816:12c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.paleohacks-mailing.com/a/168/click/10048221/746255798/_6e7cb2f91511c762543ac8400578580deefa9ce7/34be99363789cc9e51901a7...
Effective URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Submission: On July 21 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 55 IPs in 10 countries across 58 domains to perform 366 HTTP transactions. The main IP is 2606:4700:10::6816:12c, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.paleohacks.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2023. Valid for: a year.
This is the only time blog.paleohacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.238.129.105 396982 (GOOGLE-CL...)
94 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:225... 16509 (AMAZON-02)
18 2a03:2880:f08... 32934 (FACEBOOK)
10 2a00:1450:400... 15169 (GOOGLE)
5 95.101.148.20 16625 (AKAMAI-AS)
6 2a00:1450:400... 15169 (GOOGLE)
4 35.202.21.90 396982 (GOOGLE-CL...)
1 2600:9000:225... 16509 (AMAZON-02)
4 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 34.198.79.246 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 8 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
5 2001:4860:480... 15169 (GOOGLE)
6 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2600:1901:0:4... 15169 (GOOGLE)
3 23.206.208.183 16625 (AKAMAI-AS)
1 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
3 184.30.24.22 16625 (AKAMAI-AS)
52 2606:4700:20:... 13335 (CLOUDFLAR...)
18 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 4 2001:678:cb4:... 56396 (AMOBEE)
4 28 142.250.184.226 15169 (GOOGLE)
3 3 52.28.142.138 16509 (AMAZON-02)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 1 51.89.9.252 16276 (OVH)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2600:1901:0:7... 15169 (GOOGLE)
2 18.134.113.28 16509 (AMAZON-02)
1 18.66.147.41 16509 (AMAZON-02)
1 18.66.26.110 16509 (AMAZON-02)
2 104.18.37.231 13335 (CLOUDFLAR...)
1 104.18.43.48 13335 (CLOUDFLAR...)
1 151.101.128.84 54113 (FASTLY)
1 64.185.227.156 18450 (WEBNX)
2 3.11.66.180 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
3 3.33.220.150 16509 (AMAZON-02)
2 2 35.186.193.173 15169 (GOOGLE)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
4 4 3.120.241.163 16509 (AMAZON-02)
3 3 2a05:d018:d29... 16509 (AMAZON-02)
3 178.250.7.11 44788 (ASN-CRITE...)
1 1 185.29.132.241 30419 (MEDIAMATH...)
2 4 23.32.185.35 16625 (AKAMAI-AS)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 151.101.194.49 54113 (FASTLY)
2 2 37.157.6.241 198622 (ADFORM)
8 8 142.250.185.198 15169 (GOOGLE)
8 8 84.200.5.215 44066 (DE-FIRSTC...)
4 167.233.13.224 24940 (HETZNER-AS)
1 3 104.77.35.11 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 145.239.193.130 16276 (OVH)
1 35.186.241.51 15169 (GOOGLE)
366 55
1    35.238.129.105 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com
links.paleohacks-mailing.com
94    2606:4700:10::6816:12c (United States)

ASN13335 (CLOUDFLARENET, US)
blog.paleohacks.com
3    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2600:9000:225f:b000:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.attn.tv
18    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
10    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
6    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com
paleohacks.lpages.co
1    2600:9000:225a:7600:6:66ad:d100:21 (United States)

ASN16509 (AMAZON-02, US)
d39ziaow49lrgk.cloudfront.net
4    2a02:26f0:480:5a1::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.pinterest.com
s.pinimg.com
1    34.198.79.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-79-246.compute-1.amazonaws.com
178194.tracking.hyros.com
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
track.mypaleorecipe.com
1    2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
3    23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com
ct.pinterest.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
9    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com
lg3.media.net
52    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
18    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
11    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
28    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
3    52.28.142.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-142-138.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    2a05:d01c:1d8:8100:141f:37a7:c589:e0b2 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
5    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
10    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
5    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
2    18.134.113.28 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-113-28.eu-west-2.compute.amazonaws.com
track.webgains.com
1    18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net
analytics.webgains.io
1    18.66.26.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-26-110.vie50.r.cloudfront.net
cdn.track.production.webgains.team
2    104.18.37.231 (None, )

ASN13335 (CLOUDFLARENET, US)
paleohacks.attn.tv
1    104.18.43.48 (None, )

ASN13335 (CLOUDFLARENET, US)
events.attentivemobile.com
1    151.101.128.84 (United States)

ASN54113 (FASTLY, US)
log.pinterest.com
1    64.185.227.156 (Los Angeles, United States)

ASN18450 (WEBNX, US)
PTR: 64-185-227-156.static.webnx.com
api.ipify.org
2    3.11.66.180 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-66-180.eu-west-2.compute.amazonaws.com
api.webgains.io
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
4    3.120.241.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-241-163.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    2a05:d018:d29:3605:cb40:4a86:732c:5dc5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
8    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
8    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
4    167.233.13.224 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
partner.blau.de
3    104.77.35.11 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-35-11.deploy.static.akamaitechnologies.com
www.awin1.com
1    2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
2    145.239.193.130 (Valence, France)

ASN16276 (OVH, FR)
pv.medialead.de
1    35.186.241.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com
api-js.mixpanel.com
Apex Domain
Subdomains		 Transfer
94 paleohacks.com
blog.paleohacks.com
3 MB
62 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 31220
ad4m.at — Cisco Umbrella Rank: 10297
assets.ad4m.at — Cisco Umbrella Rank: 41323
2 MB
50 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 208
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
stats.g.doubleclick.net — Cisco Umbrella Rank: 120
cm.g.doubleclick.net — Cisco Umbrella Rank: 242
ad.doubleclick.net — Cisco Umbrella Rank: 184
239 KB
35 googlesyndication.com
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 153
pagead2.googlesyndication.com — Cisco Umbrella Rank: 134
136 KB
13 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 679
732 KB
12 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2709
adservice.google.com — Cisco Umbrella Rank: 117
www.google.com — Cisco Umbrella Rank: 3
2 KB
10 ad4mat.net
static-de.ad4mat.net — Cisco Umbrella Rank: 158577
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 129790
20 KB
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
75 KB
8 media.net
contextual.media.net — Cisco Umbrella Rank: 634
lg3.media.net — Cisco Umbrella Rank: 5862
103 KB
6 mypaleorecipe.com
track.mypaleorecipe.com
36 KB
6 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 3765
ct.pinterest.com — Cisco Umbrella Rank: 795
log.pinterest.com — Cisco Umbrella Rank: 4780
21 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
308 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 59
22 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 166
246 KB
5 attn.tv
cdn.attn.tv — Cisco Umbrella Rank: 3929
paleohacks.attn.tv
43 KB
4 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 69723
2 KB
4 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 68574
1 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1361
904 B
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 355
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 902
r.turn.com — Cisco Umbrella Rank: 4050
2 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5791
776 B
4 lpages.co
paleohacks.lpages.co
15 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16651
2 KB
3 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 76720
4 KB
3 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 607
1 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
2 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 384
793 B
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 26599
api.webgains.io — Cisco Umbrella Rank: 54706
31 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 808
s.tribalfusion.com — Cisco Umbrella Rank: 1937
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 910
3 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 82
3 KB
2 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 49999
994 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 610
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 882
1 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2149
573 B
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 43292
1014 B
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 43281
2 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1585
1 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 860
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
162 KB
1 mixpanel.com
api-js.mixpanel.com — Cisco Umbrella Rank: 2518
364 B
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 88951
474 B
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 131204
1 KB
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 737
547 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8884
556 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1019
732 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 811
464 B
1 attentivemobile.com
events.attentivemobile.com — Cisco Umbrella Rank: 3713
160 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 61596
15 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 801
336 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1724
297 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2696 Failed
221 B
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 4923
18 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 hyros.com
178194.tracking.hyros.com
1 cloudfront.net
d39ziaow49lrgk.cloudfront.net
18 KB
1 paleohacks-mailing.com
links.paleohacks-mailing.com — Cisco Umbrella Rank: 617845
725 B
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
366 58
Domain Requested by
94 blog.paleohacks.com blog.paleohacks.com
track.mypaleorecipe.com
28 cm.g.doubleclick.net 4 redirects c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
22 assets.ad4m.at as.ad4m.at
20 ad4m.at as.ad4m.at
ad4m.at
20 as.ad4m.at blog.paleohacks.com
as.ad4m.at
ad4m.at
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
18 tpc.googlesyndication.com blog.paleohacks.com
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
13 static.xx.fbcdn.net www.facebook.com
11 pagead2.googlesyndication.com blog.paleohacks.com
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
10 securepubads.g.doubleclick.net blog.paleohacks.com
www.googletagservices.com
securepubads.g.doubleclick.net
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
9 www.google.com blog.paleohacks.com
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 ad.doubleclick.net 8 redirects
8 www.facebook.com 2 redirects blog.paleohacks.com
connect.facebook.net
6 c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 track.mypaleorecipe.com www.googletagmanager.com
track.mypaleorecipe.com
6 www.googletagservices.com blog.paleohacks.com
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
5 prod-rtb.ad4mat.net c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
5 static-de.ad4mat.net as.ad4m.at
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
blog.paleohacks.com
5 contextual.media.net blog.paleohacks.com
contextual.media.net
5 connect.facebook.net blog.paleohacks.com
connect.facebook.net
www.googletagmanager.com
4 www.lead-alliance.net 4 redirects
4 www.telefonica-partner.de 4 redirects
4 sync.teads.tv 2 redirects c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
4 x.bidswitch.net 4 redirects
4 www.google.de blog.paleohacks.com
4 paleohacks.lpages.co blog.paleohacks.com
paleohacks.lpages.co
3 www.awin1.com 1 redirects as.ad4m.at
3 partner.o2online.de as.ad4m.at
3 dis.criteo.com c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
3 pr-bh.ybp.yahoo.com 3 redirects
3 match.adsrvr.org c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
3 pm.w55c.net 3 redirects
3 lg3.media.net blog.paleohacks.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 ct.pinterest.com s.pinimg.com
blog.paleohacks.com
3 cdn.attn.tv blog.paleohacks.com
cdn.attn.tv
3 fonts.googleapis.com blog.paleohacks.com
paleohacks.lpages.co
2 pv.medialead.de as.ad4m.at
2 c1.adform.net 2 redirects
2 um.simpli.fi 2 redirects
2 tr.blismedia.com 1 redirects c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
2 gcm.ctnsnet.com 2 redirects
2 api.webgains.io analytics.webgains.io
2 paleohacks.attn.tv cdn.attn.tv
2 track.webgains.com as.ad4m.at
2 dsp.adfarm1.adition.com 2 redirects
2 a.tribalfusion.com 1 redirects c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
2 r.turn.com c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 adservice.google.com securepubads.g.doubleclick.net
2 s.pinimg.com blog.paleohacks.com
s.pinimg.com
2 www.googletagmanager.com blog.paleohacks.com
www.googletagmanager.com
2 assets.pinterest.com blog.paleohacks.com
assets.pinterest.com
1 api-js.mixpanel.com cdn.mxpnl.com
1 www.conrad.de as.ad4m.at
1 partner.blau.de as.ad4m.at
1 sync-tm.everesttech.net 1 redirects
1 ads.travelaudience.com 1 redirects
1 sync.mathtag.com 1 redirects
1 cms.quantserve.com c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
1 log.pinterest.com blog.paleohacks.com
1 events.attentivemobile.com cdn.attn.tv
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 onetag-sys.com 1 redirects
1 ag.innovid.com c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
1 s.tribalfusion.com blog.paleohacks.com
1 api.ipify.org blog.paleohacks.com
track.mypaleorecipe.com
1 region1.analytics.google.com www.googletagmanager.com
1 cdn.mxpnl.com blog.paleohacks.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 178194.tracking.hyros.com blog.paleohacks.com
1 d39ziaow49lrgk.cloudfront.net blog.paleohacks.com
1 links.paleohacks-mailing.com 1 redirects
0 googlecm.hit.gemius.pl Failed c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
366 76
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-14 -
2024-05-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.attn.tv
Amazon RSA 2048 M01		 2023-05-02 -
2024-05-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-04-30 -
2023-07-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.lpages.co
R3		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-08-08		 a year crt.sh
tracking.hyros.com
Amazon RSA 2048 M02		 2023-04-02 -
2024-04-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1		 2023-07-12 -
2024-08-11		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.innovid.com
RapidSSL TLS RSA CA G1		 2023-03-15 -
2024-04-14		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-06-04 -
2023-09-02		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh
attn.tv
Cloudflare Inc ECC CA-3		 2023-03-02 -
2024-02-29		 a year crt.sh
attentivemobile.com
Cloudflare Inc ECC CA-3		 2023-03-02 -
2024-02-29		 a year crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2023-02-07 -
2024-02-18		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-06-09 -
2023-09-07		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
pv.medialead.de
R3		 2023-06-14 -
2023-09-12		 3 months crt.sh
*.mixpanel.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-02-13 -
2024-03-15		 a year crt.sh

This page contains 40 frames:

Primary Page: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Frame ID: 1FC4EADB78D1829E33D8C4D0C9936AB3
Requests: 165 HTTP requests in this frame

Frame: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A85CCC8EEFA9ED6D0BFE3E03D91F0B7A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CUG3G308&https=1&itype=CM
Frame ID: 30EAB75A3AF1A2C94A992D5764A4B8D9
Requests: 1 HTTP requests in this frame

Frame: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 63F8B348BDCD2B7DA7304243B12CCBCE
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1httgmjmr6vqywqsb2v6k0bmdxgphhbveewss28mr1bhsr8tj0kapj9bmegjmqpf7vrd2a0wjrsbakrhkefz7n1a6ctc8p76sb0fxx0nc154m3kyawvh0y3k2x8ck0eqzdpvtfr525pnr99f29yjxjyhbttmznb0brfhbjv5gweam1zapq8w4a9v76nc1fp37gx8capsyz6zg9zrab6as1sa2b4nxs59q8g380ehz0hw19cnq5bb7f72ghhn95s0eqxg8k289fx4fe01acj5at1nt725j0mrwmbm5w9gemxg25vev0813j4vv0tndyhcrvqzpqcdxwjeaq1ck73eczewhy9ftfrb6ccc8bvhtf14n37dvdhj5603f5fqhj0vw3k74vwxr1146mt69bwe4ypxj2w9qx5r7sphndf2efwjzb5p32q0001w9zbkhdnf3hb7s2pa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: 64CAC37B3CF42158887A6FAD8728293F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Frame ID: 80F51C0CDFA5F3C10F4BC6456785338E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8F093D26DFFC2F2D918D355C4923BC81
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D941B46CBC0E9A6AA6E4A047DEE891B5
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/__media__/pics/800015191/tran.png
Frame ID: CC7B5CB55B0E2D7E6D314ED096E09A5E
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 001FA08F611E11CF64E8F07D52379301
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=392ec81b69420783db767c07ffdbfebe%2F6022338115397866070&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1689966641726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxdwfq6h178364rk071zyp7ws379rd1v8nnfq78tk99c0pcvf4bvvm489xk7fbnt3vb1fxcajeya0y1z603h9f840jfwrgapajrh6j8v68gs3rc1fz1z42p394dhm9atsc9rvksqf7rjt8hp4t92ppjpb90aqh0yhrjav2xtv8rdk0fq1791vy93e0sbws61dpc620czktqbbtn04kq03rvmvrfpjg7a91wzv7ptfyge8ynmeh1jdymwdg5edrw78nwc8b9mvegd7jp99jxagm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Frame ID: 6EC5C37D5FC78EFB621A94F37A35A1B3
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
Frame ID: D4762A8B8C61BFF6BE5D347D33816DD1
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb641f43ffe4c8%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: 6B0FF78F2743A81A7362CB80F2F97F1E
Requests: 4 HTTP requests in this frame

Frame: https://paleohacks.lpages.co/leadbox/1434c2873f72a2%3A13300845e746dc/5697423099822080/?lp-in-iframe=1&mpcampaignid=10048221&__fromjs=1
Frame ID: 79F671EA7B6DC09EA0CECEC8E5D53134
Requests: 2 HTTP requests in this frame

Frame: https://paleohacks.lpages.co/leadbox/1434c2873f72a2%3A13300845e746dc/5697423099822080/?lp-in-iframe=1&mpcampaignid=10048221&__fromjs=1
Frame ID: 0D5FF5CA88B68857BBB7935612BCDBE8
Requests: 2 HTTP requests in this frame

Frame: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 02DE0B72F4013DB0BAAB9BDF49BF3520
Requests: 10 HTTP requests in this frame

Frame: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9B0F84C5BBB593AE2328142D27822512
Requests: 1 HTTP requests in this frame

Frame: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F34D6B29C58FDC337D65EAE3780C94B7
Requests: 9 HTTP requests in this frame

Frame: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CC024A3DC4BB254DAB74DC3E2BA05B6D
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jfzq3n978rqhz86vaq04bv946wt4kakznvhrfj58mxfwnqdzw8pcbxecn68ajbh1khfaszv6zwbebj4jew7699gp0spr63z3fmty5zxsy8qejv45aar81wd8e1mt65vfxg7zwephjh8qjc54c8z2dk1eat7yshnxp1n8f0xdjnzjynh952cwpbe0ehq8m0qj7gh0mfrs682ev1vjt1zz4sxmdzzcr5d3fdr6wfzxea36fxzaj9djtqzvkkdf4kt59wj1bj5k39p5gm9gsk29whw3pxy779wg8nkr6597c9wj2qw7nvh4ke3x7zqxgbpeqwq23y0er17qccv7t3aq94g477qbgwfw4xhg5z453xk02tck7m0ka5qp2rkym990ewna1mf74yf623pf5my8dh1e4q5tserbjyn5z52tgm1saq3fd80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: A1CB886B53DEC01F4F65A9EFCF57F946
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 59D03184167BFB46478FF13CFAD001B2
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ke5scfjqadcvm9g58s9zas2wddcprec5tzrcawqmvp9wt53jf6axed26mw81d11791vbe09nyapc93qgcdwsctk5dac8gc37h4qjaj0yjpfdrv7qam84s41akw7dmqk2d1pbkybn79w6apzx224cc7m6ba6ykwbxes8v9d9fdzs9gjpqcqyw41xed6ht0bhvgcdvecpw6hh7jxgnre7b6j1jjwygyjmav857tn26ey7wzejddy0yeydrx993ea7wec75w9e2y6ta9a1txp6z386mwf3kmpgcs1qy8avs8evh18nhn1w9ta8yb8r037vszqahza4r5m8cstjmx55k9a4gdbjt1rp28qrkfgc4ssq534qvm0qfd07hrqnkpwf90swg4w2grg2v86mdgbd9kmzqys6mw54068x8yrmxj3m4y65&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: E019ECE65219B3B448D5101A57B1E903
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Frame ID: 3342A470A368297ACDC9E9624C886BEE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2428ED9F6669180EBD9A63632036B800
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hnb3jc6p52zbbncd6w6rjf9k1870qedcjh22p1j70jzxfc17xw82x9ad2adyss98f125h2b4pjp4yvmx60y0dpqwgpsbxabbzcb1xs0nbvr3w8k7ebtag5nsr9mecqxpvx8c2am39f5fza9d41d98fd8299kprm3nn4ysa0c98awpen24w5cw6excry7gbyv0vjx3w3q4bjpgmza02zd1tkwpygks6pprn1669s1yzdegm4p2kdc21722t8c7p4d6732gsfpwgrcf0s61nzsz3k44v01f1w5sv0c76nesxgqyjn4q84qae9pcn91g0x9v3tv1mpep2ek7v79jawx4dqn0pgyyvs6kma9s9zc48d8xd0g502x833dc4w9gq2t2z862cd0wmnybcnzc8gj8ydwzrw7rdf693exrxf474cs85eryjhx15726aymajh4gzkd605k4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: 1504333609516DADD1580E074CFEB906
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 466A7449697171AF2CA6D0FCE311A1A5
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kn6tt5qnee1w41yyj2y27wx8yqfecjvn0h5cs1a83b425temq8tpq399qr0vsr979xy7zzf5ajpxmw2s01x2z502f90j2ffahhexkhf3t0at797ben0b9xhyx3n3skfbj8t2keaw7q5ffqx57btkfznssjxt4mgk6amfcnymf2knwsy5hz4jc9epbv5r0nehhs4m6s8ckphgbptk9ed3hdvgytap10mqxa79av3vxysys03hjpvhtbacjs83h3qwjybhanca0etswy4zs8knbjavp0rrwzwtdsnvg20hfcb4kspt9hb100awyap91tcc1p4rb41ry604n5gns90qwv3sbks1srnnrdz9rvgg2xwng7k0pqddn237eg6s0m8sgf2dr3m4v5bdpstafnfn7a14zacjf4dj21waannen6va12k&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: 5FA0F31EEBFB0D87D0C68F76319E3F74
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Frame ID: E0CE11DDE18FD68779718A9E8BA148C9
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3B7C0A74C6B8ED744C1029270FFCE464
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3DEA37D555D23E7BDC6E97229DCBD8B9
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D4C6C17EA2DE6C03639378721AF5573B
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0508E5D244514D6C0A6E9F8778DF5F46
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 63240E3F2C18A74D642E1AA93C22C291
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 10F6B3C294B48649CFA676099BB6D34D
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C117569&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=d1d0b3cb090a29805ed3c9b1ca5df8db%2F7193449840633158726&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1689966644160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jv522n7hz5mt4d4a810qyv41jvw2ddrb2vxyxhjpdhp8vgjs6e1bpm3afp96vn0sgsypmrf7axhvqn86jq7pm4mje7zxa1w5971b0qwtkyrhb7776051a3frmephv6ck6aracg4vhxxegf9n3f1kytcwnm9q9yxhq1rgzrfy4mez4w6nrawmw32srmrtz8zg0jvaf3429xxnpk94d7y49bz8sap7q64nnbypbvked961z1xg312nqrzgf4d44qq4tdn6k0x34716cftc0kg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Frame ID: D3CE760F6BA8A579A427E7E1DD72DAFE
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=300&d=50&e=&g=553bc22f9e04fe0ee8d6f54e31b87b70%2F3308937503420575864&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxm7zw2mhzcery9e1jb43n1h3jj4yrtfv3j91smnkm02478zh2m05qz5qzvjkcnnx1hfdgke66ygtcqvmfs9rp4ea67ad7q0gtz7pgmpgk9e5d9jmxfgtxzfkjk1hy6wbtx0awh065ef4xphccm55jfe6jmrm4841q1yhd8fvafwjcsjqvv52xq9shhshw5wme9y11gmqh4g9a00t8wvvyydsaxw91nzwm9gwrd2e82fqzhwx1k6kftztnvs0q4xbw1rhhaw1msxb04ys80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Frame ID: 688A019F0CFAD6E0953E9BB830192301
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=800&d=250&e=&g=2f88be73158720a9766a3c46f8b3be2e%2F3673517890145743693&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1689966644257&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gp140t5m7y1f7qnq3j3fz6d8php3qxbsf7ts879zjdkjgpp1mmxezaxvgt3gvwqvcbxpkgejwh165dv4e9a7hjcbqccsr7g9bgp7jxg3n6ng832b3khvtd9c9htn8wd614pwy29etzzfdk451krnp8pys6aqzvagra7wk80nd0es7xrt9rfy54ve5mqe3x10sbn7w5qkdjh9rahw2t80djx1phzjcc1xty6sy8bn04d83t7ne5dcjp319jhp8e8jn403t7egfpx5aak4mjy0fmt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Frame ID: 96745D980589097487F9AF3399397F34
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=13957%2C183975%2C34719&b=YxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQ%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=q4VSmfWfbPBuZHgHDtRCXXxaeSgTA2japQ%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=4c6712363cc1126424080b1ca6a45b04%2F1009454974025483350&i=20774%2C20597%2C26474&j=14%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Frame ID: E970F68D4A98B11968BD6A327BA0908E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 483E518E0713E3967C3923D434D47AFC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1FFC26D49DB1C56FE769A0A132D72B4A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

20 Paleo Protein Smoothies To Shake Up Your Morning | PaleoHacks BlogFacebookGoogle+PinterestTwitterYouTubeFacebookPinterestTwitterYouTube

Page URL History Show full URLs

  1. https://links.paleohacks-mailing.com/a/168/click/10048221/746255798/_6e7cb2f91511c762543ac8400578580deefa9ce7/34b... HTTP 302
    https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 75%
Detected patterns
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

366
Requests

91 %
HTTPS

49 %
IPv6

58
Domains

76
Subdomains

55
IPs

10
Countries

8120 kB
Transfer

15393 kB
Size

58
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.paleohacks-mailing.com/a/168/click/10048221/746255798/_6e7cb2f91511c762543ac8400578580deefa9ce7/34be99363789cc9e51901a7f23fca7113c89961f?ana=Im1wY2FtcGFpZ25pZD0xMDA0ODIyMSI= HTTP 302
    https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 148
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESED9ydCR3xVkuesM4-2VNe7s&google_cver=1&google_push=AaAOQGGDEaXlBVt1W49svLXeVbZRJmmOFMeczfQGgbBG27k7elWn4kmyurYcFwa0LThb2BJIyIJCFDHZM7cObQ1dy8CeePNehpAjjw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUyMjQ2Nzk3MDkxNDc5MDg3OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED9ydCR3xVkuesM4-2VNe7s&google_cver=1
Request Chain 149
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP97oh-_hphHypI-RKTH6vI&google_cver=1&google_push=AaAOQGEdcjunluTmc7YYlDbH3ZMAGxVZwRCx8g-Hm9reMqFbbOPbotmdwtxeYVpx7WkUZB-y59MTlIvB7DYPOq_tnkCm7ZgF5vjn HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP97oh-_hphHypI-RKTH6vI&google_cver=1&google_push=AaAOQGEdcjunluTmc7YYlDbH3ZMAGxVZwRCx8g-Hm9reMqFbbOPbotmdwtxeYVpx7WkUZB-y59MTlIvB7DYPOq_tnkCm7ZgF5vjn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkpBZUtmaDcxUW1Wd3Q1&google_gid=CAESEP97oh-_hphHypI-RKTH6vI&google_cver=1&google_push=AaAOQGEdcjunluTmc7YYlDbH3ZMAGxVZwRCx8g-Hm9reMqFbbOPbotmdwtxeYVpx7WkUZB-y59MTlIvB7DYPOq_tnkCm7ZgF5vjn
Request Chain 150
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDPvHCbhoQkEXnuupLWVtTE&google_cver=1&google_push=AaAOQGE-j-DO3bxNLcCF_KKQIf1UuoBLodo3AcWq0wy0hYu8SAp0YePFFN9cczdVlBBoP1aGVxNdZYVkDWb-_AMMBmfd0aGPFHqwMQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE-j-DO3bxNLcCF_KKQIf1UuoBLodo3AcWq0wy0hYu8SAp0YePFFN9cczdVlBBoP1aGVxNdZYVkDWb-_AMMBmfd0aGPFHqwMQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDPvHCbhoQkEXnuupLWVtTE&google_cver=1&google_push=AaAOQGE-j-DO3bxNLcCF_KKQIf1UuoBLodo3AcWq0wy0hYu8SAp0YePFFN9cczdVlBBoP1aGVxNdZYVkDWb-_AMMBmfd0aGPFHqwMQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE-j-DO3bxNLcCF_KKQIf1UuoBLodo3AcWq0wy0hYu8SAp0YePFFN9cczdVlBBoP1aGVxNdZYVkDWb-_AMMBmfd0aGPFHqwMQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 151
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECZrCINdIHXjSPdbvnvErLw&google_cver=1&google_push=AaAOQGGwCxRPmjV4vFTnkDlXKhsqEqIZDSJN2zS8G_SyV-hoFMna1q11RdlHLrKiqrjvdO_Amq06t9BeXofprd_vdEZ3MtcqSYsIpw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1ODM1MTQ1NDQ0MjIyMzc1OQ%3D%3D&google_push=AaAOQGGwCxRPmjV4vFTnkDlXKhsqEqIZDSJN2zS8G_SyV-hoFMna1q11RdlHLrKiqrjvdO_Amq06t9BeXofprd_vdEZ3MtcqSYsIpw
Request Chain 153
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEL5MW_5ocvYCVbC9Tssj6QE&google_cver=1&google_push=AaAOQGFbC-sTOLx32w2Q0fzYhub-cVCqTGjGuEVV4CajLFUD5G20Pq-yQmOi-eH5FOI0gzok_z0nISGpmm1jmdwQMIOp4jgcmofY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFbC-sTOLx32w2Q0fzYhub-cVCqTGjGuEVV4CajLFUD5G20Pq-yQmOi-eH5FOI0gzok_z0nISGpmm1jmdwQMIOp4jgcmofY
Request Chain 184
  • https://www.facebook.com/v4.0/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width= HTTP 302
  • https://www.facebook.com/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
Request Chain 259
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELwki-cOh_Saef214yyFVs0&google_cver=1&google_push=AaAOQGG2gXs-PDJaO2X55v-nAFzaLFZg6QNhWHtYiUDowCGNCCbATsRzuKYGRLtWs3tjvB-16UKMcfjV4XiWYjd3BRAVDvGc6gP9UA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGG2gXs-PDJaO2X55v-nAFzaLFZg6QNhWHtYiUDowCGNCCbATsRzuKYGRLtWs3tjvB-16UKMcfjV4XiWYjd3BRAVDvGc6gP9UA&google_hm=D4FT3DIWRwqEdP5RlEjIV_Y
Request Chain 261
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJVwuBimno7-lTiBzNXOOOw&google_cver=1&google_push=AaAOQGEAtJo2Gm9GKvUi618zBpg0OfIbMA7_Ee6rrLtqIV4EOQoyU6AzK8A3bZT6xmGdCMsR12wF9XzHIdYJhlQ6Zwz_amy0Dr1bKGM HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJVwuBimno7-lTiBzNXOOOw&google_cver=1&google_push=AaAOQGEAtJo2Gm9GKvUi618zBpg0OfIbMA7_Ee6rrLtqIV4EOQoyU6AzK8A3bZT6xmGdCMsR12wF9XzHIdYJhlQ6Zwz_amy0Dr1bKGM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEAtJo2Gm9GKvUi618zBpg0OfIbMA7_Ee6rrLtqIV4EOQoyU6AzK8A3bZT6xmGdCMsR12wF9XzHIdYJhlQ6Zwz_amy0Dr1bKGM&google_hm=SOkvKWE6Q_2WkPAVALPJvg==
Request Chain 262
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPMn_ATS2WQEtSghU-b34ug&google_cver=1&google_push=AaAOQGEoz4Q-vUTFBMp6x827gOYkCLBwh4FtIAeJYHHiKSqai7nrz4ACIhV7w2_9UIY51jJ2Xk7HmN1ctBNROW39hWI5Zq7ET3-08ik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEoz4Q-vUTFBMp6x827gOYkCLBwh4FtIAeJYHHiKSqai7nrz4ACIhV7w2_9UIY51jJ2Xk7HmN1ctBNROW39hWI5Zq7ET3-08ik&google_hm=eS1tX1hzQjhaRTJwR01PZUNrOExqNmE5V25XQTQwckdLMn5B
Request Chain 267
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESED9ydCR3xVkuesM4-2VNe7s&google_cver=1&google_push=AaAOQGEhqo8xW2oFUNiRdSkwhEe-gls96kPnqzwKD1aGxoFQJ11P-d_ZzXq0hSx_EgtYutdA8Nb-oZqTjuIR8BOaLot60uEqvSQ32jM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUyMjQ2Nzk3MDkxNDc5MDg3OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED9ydCR3xVkuesM4-2VNe7s&google_cver=1
Request Chain 268
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMRL9vmWmlgbx6Ypwe-Hhsw&google_cver=1&google_push=AaAOQGFajMiFcAmshQxVdooCjNDgsLWHSsilvjJvXp56DtkQoKwfM-XGoYVmkIegdkRRehK5kaZ4gFaAf1CczEpm-nhfZ5t_o3imLkw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFajMiFcAmshQxVdooCjNDgsLWHSsilvjJvXp56DtkQoKwfM-XGoYVmkIegdkRRehK5kaZ4gFaAf1CczEpm-nhfZ5t_o3imLkw
Request Chain 271
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPMn_ATS2WQEtSghU-b34ug&google_cver=1&google_push=AaAOQGHozCUPjh-f27Pr-X6oLuV99yjymctsmlMcpXEvUVhLJ8Uzm8gthFDa6qdFqC5j2xsjVAWpSWyj1kaKfJHhGzg65Wde71t8oxI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHozCUPjh-f27Pr-X6oLuV99yjymctsmlMcpXEvUVhLJ8Uzm8gthFDa6qdFqC5j2xsjVAWpSWyj1kaKfJHhGzg65Wde71t8oxI&google_hm=eS1fODQ5SWRCRTJwRnU3d1lkejZpTGpOOXlQSkhUSWh6MH5B
Request Chain 273
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJVbs2cUk1suN8VGts6P8Vc&google_cver=1&google_push=AaAOQGGDTi8OCD3FXAO9JCAi4b2p5jlenYn9zEhc4h9hm-XB4-xshmwflYLGVGRPvX74qRdqPSIyxLr5LtYdeAFeSVvveHdCemiSMjs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGGDTi8OCD3FXAO9JCAi4b2p5jlenYn9zEhc4h9hm-XB4-xshmwflYLGVGRPvX74qRdqPSIyxLr5LtYdeAFeSVvveHdCemiSMjs HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 275
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP97oh-_hphHypI-RKTH6vI&google_cver=1&google_push=AaAOQGHxDX1UspXyiEpxqJnKOCUVYd2LjlFkzRkLJHq0Ur_SMuql1GJ6nYrkxdlg6GGyyLVNkyOsnNqudfqElkUgcyhADA9rjZ_8xPI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkpBZUtmaDcxUW1Wd3Q1&google_gid=CAESEP97oh-_hphHypI-RKTH6vI&google_cver=1&google_push=AaAOQGHxDX1UspXyiEpxqJnKOCUVYd2LjlFkzRkLJHq0Ur_SMuql1GJ6nYrkxdlg6GGyyLVNkyOsnNqudfqElkUgcyhADA9rjZ_8xPI
Request Chain 276
  • https://um.simpli.fi/gp_match?google_gid=CAESEGfrgrumsDs1KQyx808lbZw&google_cver=1&google_push=AaAOQGEcY4CzbkRYMPYn2wuovgu-qR3OQ_uMxHvulCVZPrqTWUYbMcibOZOn7Fv1vWbLjGNPYfcZnvJr5rCfP_ZxdVfQW8HCKzoKpGiO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71BD05E10CB4F6CA1DE932D4CA8FDBA&google_push=AaAOQGEcY4CzbkRYMPYn2wuovgu-qR3OQ_uMxHvulCVZPrqTWUYbMcibOZOn7Fv1vWbLjGNPYfcZnvJr5rCfP_ZxdVfQW8HCKzoKpGiO
Request Chain 277
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELwki-cOh_Saef214yyFVs0&google_cver=1&google_push=AaAOQGErIVh4kubIwZtduStoTLLUSdcS9Hb8KYr61VdVafSV73A3OQsLAxTElwcIfUOLnZDFID_DaJuOPINPpKxm7qmQoOo8fvXTAsk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGErIVh4kubIwZtduStoTLLUSdcS9Hb8KYr61VdVafSV73A3OQsLAxTElwcIfUOLnZDFID_DaJuOPINPpKxm7qmQoOo8fvXTAsk&google_hm=iOC6-tTyRgK39Zfi5JG_i_Y
Request Chain 278
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECZrCINdIHXjSPdbvnvErLw&google_cver=1&google_push=AaAOQGHnh501nLl8pO2RyB1xTKgbjj55HH5hrHHQvA6q20_DTD1XBefSX8ECkMUbUWyVjrX7tpZgywnJklHpaDAGciAXivbBnBb-r018 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1ODM1MTQ1NDQ0MjIyMzc1OQ%3D%3D&google_push=AaAOQGHnh501nLl8pO2RyB1xTKgbjj55HH5hrHHQvA6q20_DTD1XBefSX8ECkMUbUWyVjrX7tpZgywnJklHpaDAGciAXivbBnBb-r018
Request Chain 279
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECY1JcbEE93KPfgIV4v5mqg&google_cver=1&google_push=AaAOQGF_gXoWCUiBobWjj1RhMjBZ6a4jbg2aFWeOxoOvRzRQ5gGI32_ccF6RVAh_bhstqaRrMnJV6FuNVHkL2ka-LzSZDIWXbAzmkhKP HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UXb092lWSCaLrOJ6wpujKg2&google_push=AaAOQGF_gXoWCUiBobWjj1RhMjBZ6a4jbg2aFWeOxoOvRzRQ5gGI32_ccF6RVAh_bhstqaRrMnJV6FuNVHkL2ka-LzSZDIWXbAzmkhKP
Request Chain 280
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPMn_ATS2WQEtSghU-b34ug&google_cver=1&google_push=AaAOQGFxcCPLaxRa8cfNgPOWu9OA2d9LG-CYFB6TPvNWXwuTej47HDB_ASdJ-oCFTyGSWqcpLVjz8b4YcstFy8gPpzlHMpQlnGJke4UH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFxcCPLaxRa8cfNgPOWu9OA2d9LG-CYFB6TPvNWXwuTej47HDB_ASdJ-oCFTyGSWqcpLVjz8b4YcstFy8gPpzlHMpQlnGJke4UH&google_hm=eS1zNUh3LmJSRTJwSENuZS4wOC5semo5cVJVWHFEVmN0N35B
Request Chain 288
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIP7NqRrgekpsTsKJERQOtI&google_cver=1&google_push=AaAOQGGaebP7VKvBeU4oWX-MpOG1PbwsBEV0LHtRrOtch8k3qB2iyHlBjuseEKVCEayd7eTXKe_5LbWF5gSoOqAwLXXOWULMcgrNxr5j HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIP7NqRrgekpsTsKJERQOtI&google_push=AaAOQGGaebP7VKvBeU4oWX-MpOG1PbwsBEV0LHtRrOtch8k3qB2iyHlBjuseEKVCEayd7eTXKe_5LbWF5gSoOqAwLXXOWULMcgrNxr5j
Request Chain 289
  • https://um.simpli.fi/gp_match?google_gid=CAESEGfrgrumsDs1KQyx808lbZw&google_cver=1&google_push=AaAOQGGlra7DVqpACSYO2kvWDlA-VaURXKlyZIe4UAH6MW1hFkLp7x32O0C9A1YOqjW2LurDNIEYWmWCL1-r9tuXI4fpoieqoMcBYvEZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71BD05E10CB4F6CA1DE932D4CA8FDBA&google_push=AaAOQGGlra7DVqpACSYO2kvWDlA-VaURXKlyZIe4UAH6MW1hFkLp7x32O0C9A1YOqjW2LurDNIEYWmWCL1-r9tuXI4fpoieqoMcBYvEZ
Request Chain 291
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAEIg-eCEurZ33Gv2A_hZbY&google_cver=1&google_push=AaAOQGHwR-FweNGzQ08jgDXnX8x-64ohb23PQRWO-pfBZVLILArbP0dcY8MOJaKi3UBuloVd244ea2PBz7soWps-8oMmfC1u2kImtdY HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AaAOQGHwR-FweNGzQ08jgDXnX8x-64ohb23PQRWO-pfBZVLILArbP0dcY8MOJaKi3UBuloVd244ea2PBz7soWps-8oMmfC1u2kImtdY&google_hm=hmS62DSycbq_vye53g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64BAD834B271BABFBF27B9DEBLIS
Request Chain 292
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJVwuBimno7-lTiBzNXOOOw&google_cver=1&google_push=AaAOQGHZ-YOImzs5P_y9SOv55MrDJbTEDw8lxbRpNHnqt_0zERXG60KE0DoRWcYb8zAbCRhxroi06WMZWNoK3LAx5ayTZpa4EkPXNkQE HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJVwuBimno7-lTiBzNXOOOw&google_cver=1&google_push=AaAOQGHZ-YOImzs5P_y9SOv55MrDJbTEDw8lxbRpNHnqt_0zERXG60KE0DoRWcYb8zAbCRhxroi06WMZWNoK3LAx5ayTZpa4EkPXNkQE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGHZ-YOImzs5P_y9SOv55MrDJbTEDw8lxbRpNHnqt_0zERXG60KE0DoRWcYb8zAbCRhxroi06WMZWNoK3LAx5ayTZpa4EkPXNkQE&google_hm=EkD-i5ItR32BxTLUpItyeg==
Request Chain 293
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPO8o0XrHVBwrPdMGtugnIg&google_cver=1&google_push=AaAOQGH5CMTKxhHcqNGq7iJXJ_dUkaV92vPJ7yFfi2M_xJb-EEMDFLMc4OZQaznMa-OPj8UzThBZWI3DR3LUMLCw57ryYcp7074NkN8z HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPO8o0XrHVBwrPdMGtugnIg&google_cver=1&google_push=AaAOQGH5CMTKxhHcqNGq7iJXJ_dUkaV92vPJ7yFfi2M_xJb-EEMDFLMc4OZQaznMa-OPj8UzThBZWI3DR3LUMLCw57ryYcp7074NkN8z HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE4NTYxNzU4MjI0NzIzNTkxOQ&google_push=AaAOQGH5CMTKxhHcqNGq7iJXJ_dUkaV92vPJ7yFfi2M_xJb-EEMDFLMc4OZQaznMa-OPj8UzThBZWI3DR3LUMLCw57ryYcp7074NkN8z
Request Chain 294
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJVbs2cUk1suN8VGts6P8Vc&google_cver=1&google_push=AaAOQGHyCIxywDlroR952l_OdfLUB-giHU1N0HpM8G1XtJQiiOa4iSyCv2USOGMI7oYrQ1cko4LOv8UOgxUNBOnt7uY9j6WN-ZJzZZ-dog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGHyCIxywDlroR952l_OdfLUB-giHU1N0HpM8G1XtJQiiOa4iSyCv2USOGMI7oYrQ1cko4LOv8UOgxUNBOnt7uY9j6WN-ZJzZZ-dog HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 331
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COONo6zAoIADFXif_Qcd4xkEPg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023072121104487051631069X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023072121104487051631069X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Request Chain 334
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CLuQo6zAoIADFYDiuwgdgYMDdA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023072121104487051631061X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Request Chain 341
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidJBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1689966644_4ae9fd20-27fa-11ee-87f6-2265f034cf4c&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 348
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNrPo6zAoIADFRqQ_Qcd4qABLg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023072121104487051631067X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023072121104487051631067X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
Request Chain 355
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3DviewoneidYxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CI-Uo6zAoIADFePzEQgdYFsEhQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3DviewoneidYxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidYxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidYxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023072121104487051631065X117683V1226132702MSviewoneidYxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&cons=0&spid=2023072121104487051631065X117683V1226132702MSviewoneidYxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wfid=117683&partnerid=12218

366 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
blog.paleohacks.com/protein-smoothies/
Redirect Chain
  • https://links.paleohacks-mailing.com/a/168/click/10048221/746255798/_6e7cb2f91511c762543ac8400578580deefa9ce7/34be99363789cc9e51901a7f23fca7113c89961f?ana=Im1wY2FtcGFpZ25pZD0xMDA0ODIyMSI=
  • https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
111 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.23
Resource Hash
dc04bf16792fb4dc44fdef70c1604b175a0dc798a163fe1481cb5c9a88d20126

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
7ea5bec3ca856903-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 21 Jul 2023 19:10:40 GMT
expires
Fri, 21 Jul 2023 19:10:39 GMT
link
<https://blog.paleohacks.com/wp-json/>; rel="https://api.w.org/", <https://blog.paleohacks.com/wp-json/wp/v2/posts/80585>; rel="alternate"; type="application/json", <https://blog.paleohacks.com/?p=80585>; rel=shortlink
server
cloudflare
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/7.3.23

Redirect headers

cache-control
no-cache
content-type
text/html; charset=utf-8
date
Fri, 21 Jul 2023 19:10:38 GMT
location
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.14.0 + Phusion Passenger 5.3.5
status
302 Found
transfer-encoding
chunked
vary
Origin
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger 5.3.7
x-request-id
528a5897-9e6b-4d0a-b922-7dd45e8308b7
x-runtime
0.547615
x-xss-protection
1; mode=block
cookie-popup.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 		0
166 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/cookie-popup.min.css?ver=5.5.12
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:40 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Jun 2021 13:05:01 GMT
server
cloudflare
age
491817
etag
"60d1dffd-0"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bece0f476903-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Tue, 15 Aug 2023 02:33:42 GMT
dashicons.min.css
blog.paleohacks.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-includes/css/dashicons.min.css?ver=5.5.12
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7203ef7f18e8e70e9991515982b3bbd43524cf048e9591b7aab1e80db938774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Apr 2021 11:54:45 GMT
server
cloudflare
age
702328
etag
W/"60782985-e687"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece0f4d6903-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 12 Aug 2023 16:05:12 GMT
shared-counts.min.css
blog.paleohacks.com/wp-content/plugins/Shared-Counts-develop/assets/css/ 		26 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/Shared-Counts-develop/assets/css/shared-counts.min.css?ver=1.4.0
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21f25f7bc7b9666cbf2a6dff9d5e82c5f8ca9b60afda6726fa78e8f80ab32f56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Oct 2019 15:03:04 GMT
server
cloudflare
age
1904054
etag
W/"5d9b53a8-6886"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece0f4f6903-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 29 Jul 2023 18:16:26 GMT
style.min.css
blog.paleohacks.com/wp-includes/css/dist/block-library/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.12
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Oct 2020 19:09:15 GMT
server
cloudflare
age
491818
etag
W/"5f7cc0db-d293"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece0f506903-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 15 Aug 2023 02:33:42 GMT
style.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 		187 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/style.min.css?ver=2.9
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Jun 2021 13:05:01 GMT
server
cloudflare
age
113443
etag
W/"60d1dffd-2ea5c"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece0f526903-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 19 Aug 2023 11:39:57 GMT
font-awesome.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=5.5.12
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Jun 2021 13:05:01 GMT
server
cloudflare
age
476145
etag
W/"60d1dffd-7918"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece0f536903-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 15 Aug 2023 06:54:55 GMT
fonts.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/ 		2 KB
380 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.12
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0713ea500e4a6a33fbed93ce88ecfcc3333bbdce608f5f07fddf8ac74337f8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
age
295046
cf-polished
origSize=1942
alt-svc
h3=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Tue, 22 Jun 2021 13:05:01 GMT
server
cloudflare
etag
W/"60d1dffd-796"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece0f566903-FRA
expires
Thu, 17 Aug 2023 09:13:14 GMT
front.css
blog.paleohacks.com/wp-content/plugins/other-popular-articles/assets/css/ 		950 B
339 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/other-popular-articles/assets/css/front.css?ver=1689966639
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb4030bfa42716d19ae274676604a4d4dec5277ab60c4dcd64e61d0df5f9c573

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Aug 2018 12:45:14 GMT
server
cloudflare
etag
W/"5b86955a-3b6"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece0f576903-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 20 Aug 2023 19:10:40 GMT
style.css
blog.paleohacks.com/wp-content/plugins/paleohacks-tools-soften-it/assets/css/ 		3 KB
959 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/paleohacks-tools-soften-it/assets/css/style.css?ver=1689966639
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
903d8d5de01ac0b9aedf5aecbf964498c581cbf6656751999560442e6cc700b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 09 Oct 2019 15:47:58 GMT
server
cloudflare
etag
W/"5d9e012e-ab4"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece0f586903-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 20 Aug 2023 19:10:40 GMT
twitter-feed.css
blog.paleohacks.com/wp-content/plugins/wp-to-twitter/css/ 		1 KB
591 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=5.5.12
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
age
1564779
cf-polished
origSize=1742
alt-svc
h3=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Tue, 06 Apr 2021 13:07:36 GMT
server
cloudflare
etag
W/"606c5d18-6ce"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece0f596903-FRA
expires
Wed, 02 Aug 2023 16:31:01 GMT
css
fonts.googleapis.com/ 		22 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d371a384b7bb8b79f2cfc828aa4d9dc61481834193c555bd37abd10ddb0bef7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Jul 2023 19:10:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Jul 2023 19:10:40 GMT
mai-theme.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 		74 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/mai-theme.min.css?ver=1.11.9
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 13:06:36 GMT
server
cloudflare
age
1498171
etag
W/"606c5cdc-1264a"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece1f616903-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 03 Aug 2023 11:01:09 GMT
flexington.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 		93 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/flexington.min.css?ver=2.5.0
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 13:06:36 GMT
server
cloudflare
age
1510300
etag
W/"606c5cdc-174c5"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece1f636903-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 03 Aug 2023 07:39:00 GMT
style.css
blog.paleohacks.com/wp-content/plugins/simple-social-icons/css/ 		1 KB
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
age
942526
cf-polished
origSize=1228
alt-svc
h3=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Thu, 14 May 2020 13:04:10 GMT
server
cloudflare
etag
W/"5ebd41ca-4cc"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece1f646903-FRA
expires
Wed, 09 Aug 2023 21:21:54 GMT
jquery-ui.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 		43 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/jquery-ui.min.css?ver=5.5.12
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Jun 2021 13:05:01 GMT
server
cloudflare
age
491817
etag
W/"60d1dffd-ac08"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece1f656903-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 15 Aug 2023 02:33:42 GMT
sspop.css
blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/css/sspop.css
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
age
942526
cf-polished
origSize=4778
alt-svc
h3=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Wed, 29 Aug 2018 12:45:14 GMT
server
cloudflare
etag
W/"5b86955a-12aa"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece1f666903-FRA
expires
Wed, 09 Aug 2023 21:21:54 GMT
style.css
blog.paleohacks.com/wp-content/themes/paleohacks/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/themes/paleohacks/style.css?ver=1.2.0.12820200113
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d3e5c9fb15f3cfd863ca4b8d2144e308acbce5b319dee97f70661130c3878c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
age
628726
cf-polished
origSize=29969
alt-svc
h3=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Tue, 28 Jan 2020 01:13:56 GMT
server
cloudflare
etag
W/"5e2f8ad4-7511"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7ea5bece1f686903-FRA
expires
Sun, 13 Aug 2023 12:31:54 GMT
jquery.js
blog.paleohacks.com/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Aug 2019 16:00:11 GMT
server
cloudflare
age
186312
cf-polished
origSize=96873
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bece1f696903-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 26 Jul 2023 15:25:28 GMT
service-facebook-pixel.js
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 		54 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/service-facebook-pixel.js?ver=5.5.12
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530699399fd7548a91ac3f2bb58609584569f0520fbaa67c6dbe625cde7a5e0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 22 Jun 2021 13:05:01 GMT
server
cloudflare
age
211076
cf-polished
origSize=68
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bece1f6a6903-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 26 Jul 2023 08:32:44 GMT
634.js
blog.paleohacks.com/wp-content/uploads/415/856/public/assets/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/uploads/415/856/public/assets/js/634.js?ver=1.25.0
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c280a532f1bfe942302340b698487d9fc32c8f5f0916fb27b3dc528d43226802

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 22 Jun 2021 13:10:26 GMT
server
cloudflare
age
313437
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bece1f6b6903-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jul 2023 04:06:43 GMT
gtm4wp-form-move-tracker.js
blog.paleohacks.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 		1 KB
386 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 22 Jun 2021 13:09:38 GMT
server
cloudflare
age
211076
cf-polished
origSize=1536
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bece1f6c6903-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 26 Jul 2023 08:32:44 GMT
675.js
blog.paleohacks.com/wp-content/uploads/415/904/assets/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/uploads/415/904/assets/675.js?ver=2.12.0
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77f9962a622a241decfe5721c5fd2a68f871f223088b4423b99a996679de7631

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 22 Jun 2021 13:10:26 GMT
server
cloudflare
age
3323
cf-polished
origSize=9328
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bece1f6d6903-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 28 Jul 2023 18:15:17 GMT
svgxuse.js
blog.paleohacks.com/wp-content/plugins/simple-social-icons/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af96bd176c6eaa479ffaabedb2b14745bbbe5167067052301d874e690a5adc7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 14 May 2020 13:04:10 GMT
server
cloudflare
age
326835
cf-polished
origSize=9238
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bece1f6f6903-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jul 2023 00:23:25 GMT
cookie-list.js
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 		919 B
571 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-list.js?ver=2.9
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6778639759f20ac4c647b91f5620427756b3b59a3d1e05b544a90a75e4bf8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 22 Jun 2021 13:05:01 GMT
server
cloudflare
age
58635
cf-polished
origSize=1385
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bece1f706903-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 28 Jul 2023 02:53:25 GMT
653.js
blog.paleohacks.com/wp-content/uploads/415/904/33/881/775/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/uploads/415/904/33/881/775/653.js?ver=2.12.0
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94de4f783ba7c57d7ce8932e3ef6b26f064e54d42c66ec30f43e5733a22faa7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 22 Jun 2021 13:10:26 GMT
server
cloudflare
age
31621
cf-polished
origSize=92993
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bece1f716903-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 28 Jul 2023 10:23:39 GMT
dtag.js
cdn.attn.tv/paleohacks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.attn.tv/paleohacks/dtag.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:b000:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
Y4H_bTaFBWRi9GimSEzzR9Px4JwIrNub
content-encoding
gzip
via
1.1 5bab9b28b9df8c7c6cb942e5654e9558.cloudfront.net (CloudFront)
date
Fri, 21 Jul 2023 19:10:43 GMT
last-modified
Wed, 08 Feb 2023 20:56:10 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P2
x-amz-server-side-encryption
AES256
etag
W/"d943f1634cc781ba4142fc11b4ba2cd4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
public, max-age=120
x-amz-replication-status
COMPLETED
x-amz-cf-id
t--Li7n6WcY2IYw-cr1HFcrehpWRAvurDF3hJ81Anpiee5xkDPb2AA==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
520588ce7664bd466b754ad57c4dce8020ffa827cbbcdd7651619a7dc64bb844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://blog.paleohacks.com/
Origin
https://blog.paleohacks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Jul 2023 19:10:40 GMT
content-md5
JiZdAZQQ089gl4ULn86T9w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-debug
K9MEnA9dTmAikabgmMlB0pmc8m8emHC3thCPBjvSeZlGOOfRZ0jyWVZ24A0LmpTdCpAN05AtMgM/0FJiet+sOw==
x-fb-content-md5
4d28aab406ca025f620197112054428d
cross-origin-opener-policy
same-origin-allow-popups
etag
"713a177db1be6bda71ad5054259820fe"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 21 Jul 2023 19:23:07 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
adfb527a789ff65fb5304cd34bd2aafbae55c2287ac92423da1734e810dd2670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27580
x-xss-protection
0
server
cafe
etag
861 / 19559 / m202307180101 / config-hash: 3532551707473895787
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 21 Jul 2023 19:10:40 GMT
dmedianet.js
contextual.media.net/ 		101 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CUG3G308
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fca751b99463cdbb2064f0564f2730ca8ce34c75aaa23846a46bb0651ef9216d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-mnt-h
21-t83w
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 21 Jul 2023 19:10:40 GMT
server
Apache
etag
"7b5c8f3ca3ca4316aef059da6b263e77"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ks67
timing-allow-origin
*
content-length
38660
expires
Fri, 21 Jul 2023 19:15:40 GMT
logo.png
blog.paleohacks.com/wp-content/uploads/2015/10/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2015/10/logo.png
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
cf-cache-status
HIT
age
2525671
cf-polished
origFmt=png, origSize=1719
content-disposition
inline; filename="logo.webp"
alt-svc
h3=":443"; ma=86400
content-length
1536
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Sat, 09 Nov 2019 16:35:00 GMT
server
cloudflare
etag
"5dc6eab4-6b7"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fd01c7f-FRA
expires
Sat, 22 Jul 2023 13:36:09 GMT
cookbook-opt-in1.jpg
blog.paleohacks.com/wp-content/uploads/2015/08/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2015/08/cookbook-opt-in1.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
cf-cache-status
HIT
age
2509806
cf-polished
qual=85, origFmt=jpeg, origSize=19662
content-disposition
inline; filename="cookbook-opt-in1.webp"
alt-svc
h3=":443"; ma=86400
content-length
15536
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Sat, 09 Nov 2019 16:20:14 GMT
server
cloudflare
etag
"5dc6e73e-4cce"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fd41c7f-FRA
expires
Sat, 22 Jul 2023 18:00:34 GMT
beginners-book-143x150.png
blog.paleohacks.com/wp-content/uploads/2018/06/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2018/06/beginners-book-143x150.png
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
cf-cache-status
HIT
age
2587059
cf-polished
origFmt=png, origSize=9206
content-disposition
inline; filename="beginners-book-143x150.webp"
alt-svc
h3=":443"; ma=86400
content-length
8628
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Sun, 10 Nov 2019 01:55:00 GMT
server
cloudflare
etag
"5dc76df4-23f6"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fd61c7f-FRA
expires
Fri, 21 Jul 2023 20:33:01 GMT
20-Protein-Smoothies-To-Shake-Up-Your-Morning.jpg
blog.paleohacks.com/wp-content/uploads/2019/08/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2019/08/20-Protein-Smoothies-To-Shake-Up-Your-Morning.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e54f3040346701c8c4011adf977b31a6e2126debc963149834e0e68fe19187

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
cf-cache-status
HIT
age
228672
cf-polished
qual=85, origFmt=jpeg, origSize=64511
content-disposition
inline; filename="20-Protein-Smoothies-To-Shake-Up-Your-Morning.webp"
alt-svc
h3=":443"; ma=86400
content-length
34008
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Mon, 11 Nov 2019 18:53:56 GMT
server
cloudflare
etag
"5dc9ae44-fbff"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fd81c7f-FRA
expires
Fri, 18 Aug 2023 03:39:28 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d39eb8237d1eba013490c4a984b23fa6945db6a75d6aa61af8bf0f3387594ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27595
x-xss-protection
0
server
cafe
etag
434 / 19559 / 31076216 / config-hash: 3532551707473895787
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 21 Jul 2023 19:10:40 GMT
leadbox-1556322866.js
paleohacks.lpages.co/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paleohacks.lpages.co/leadbox-1556322866.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
1838efd1e3c2c5105de4c7fcac86ce290c80fedb89d4131e1d990ff4a9d4e83f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
strict-transport-security
max-age=15768000
content-encoding
br
server
Leadpages
etag
W/"9la2GA"
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
application/javascript
cache-control
no-cache
20-Protein-Smoothies-To-Shake-Up-Your-Morning744.jpg
blog.paleohacks.com/wp-content/uploads/2019/08/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2019/08/20-Protein-Smoothies-To-Shake-Up-Your-Morning744.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0deefdb7baa1ccf6d66bc78da5add142a5130caff7062e062c5a00d23f3e7380

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Nov 2019 18:53:57 GMT
server
cloudflare
etag
"5dc9ae45-c03d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fd91c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
49213
expires
Sun, 20 Aug 2023 19:10:41 GMT
morning-paleo-smoothie.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/morning-paleo-smoothie.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84889cb87db55da8abdde45e90e7e3fb352ef848f816e738ccac21b7eebce65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:18:54 GMT
server
cloudflare
etag
"5b518cde-975f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fda1c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
38751
expires
Sun, 20 Aug 2023 19:10:41 GMT
real-food-protein-shake.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/real-food-protein-shake.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b51c37ff5fe69008307fabe0e42c55b5865be8012c5c35a97f4e045100558914

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:18:59 GMT
server
cloudflare
etag
"5b518ce3-6538"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fdb1c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
25912
expires
Sun, 20 Aug 2023 19:10:41 GMT
peach-coconut-smoothie.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/peach-coconut-smoothie.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83dad54c15cfb7370db9d0fbf73b7175e079225f9234d2eb24ea5a949e7e4833

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:18:56 GMT
server
cloudflare
etag
"5b518ce0-dfed"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fdc1c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
57325
expires
Sun, 20 Aug 2023 19:10:41 GMT
Espresso-Protein-Shake.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/Espresso-Protein-Shake.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7038de60b90eba7fcc47b07a8e1ca2610879661b6066bc06055f6250b4ad1e50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:16:52 GMT
server
cloudflare
etag
"5b518c64-a69c"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fde1c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
42652
expires
Sun, 20 Aug 2023 19:10:41 GMT
shamrock-shake.png
blog.paleohacks.com/wp-content/uploads/2017/03/ 		145 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/shamrock-shake.png
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2896baee6b8842f374967663fb0bf4b40426f52380b244bfc9f244dde5600cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:19:17 GMT
server
cloudflare
etag
"5b518cf5-24327"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fe11c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
148263
expires
Sun, 20 Aug 2023 19:10:41 GMT
brownie-batter-protein-shake.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/brownie-batter-protein-shake.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b2467afc74bd60eaa7e6783a71e02345337c0d1742d682bda10a5af87a9d470

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:18:30 GMT
server
cloudflare
etag
"5b518cc6-148b5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fe21c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
84149
expires
Sun, 20 Aug 2023 19:10:41 GMT
almond-joy-protein-shake.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/almond-joy-protein-shake.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce4bede7ea6ea420714374fcc25fa80ed0863ef04d79d698a77b750783dc0123

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:18:17 GMT
server
cloudflare
etag
"5b518cb9-cf98"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fe31c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
53144
expires
Sun, 20 Aug 2023 19:10:41 GMT
Caramel-Smoothie.jpg
blog.paleohacks.com/wp-content/uploads/2016/11/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2016/11/Caramel-Smoothie.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a1df893e4b1858fb55ca852cb37a21319cdaa7051da0de24e3aef0c9066ea3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Nov 2019 18:35:57 GMT
server
cloudflare
etag
"5dc7070d-d791"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fe51c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
55185
expires
Sun, 20 Aug 2023 19:10:41 GMT
Paleo-chocolate-coconut-smoothie.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/Paleo-chocolate-coconut-smoothie.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a08b3ce5f1a63f2cf73161dff9f376afd826ca94ed335c383735b7016224d6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:17:41 GMT
server
cloudflare
etag
"5b518c95-da89"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fe61c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
55945
expires
Sun, 20 Aug 2023 19:10:41 GMT
coconut-cream-pie-shake.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/coconut-cream-pie-shake.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
472131e2a0b3a9923aa2571acb454e567534e422625a85b405f2d843c0c52570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:18:36 GMT
server
cloudflare
etag
"5b518ccc-af7e"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fe81c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
44926
expires
Sun, 20 Aug 2023 19:10:41 GMT
samoa-cookie-shake.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/samoa-cookie-shake.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28a9cd9966f483e6e045ea00027ccdd01729a0f798262de274caf951f41b0003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:19:02 GMT
server
cloudflare
etag
"5b518ce6-bbd5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fea1c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
48085
expires
Sun, 20 Aug 2023 19:10:41 GMT
chai-spiced-protein-smoothie.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/chai-spiced-protein-smoothie.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ca1c9f5af182f656194cb2979f3973df5cb0a003d3bd38c2cb08a7ac042e4ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:18:33 GMT
server
cloudflare
etag
"5b518cc9-c277"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14feb1c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
49783
expires
Sun, 20 Aug 2023 19:10:41 GMT
almond-matcha-superfood-smoothie.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/almond-matcha-superfood-smoothie.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c1be73436389f02c770d2d1c5565bf8c3bcdfa2110d87738c702d93e6e09b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:18:17 GMT
server
cloudflare
etag
"5b518cb9-acc2"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fed1c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
44226
expires
Sun, 20 Aug 2023 19:10:41 GMT
AIP-Morning-Smoothie.jpg
blog.paleohacks.com/wp-content/uploads/2017/01/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/01/AIP-Morning-Smoothie.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2193d80bc4cefdb76a09ddac0d68f4cde201a2e0dc51155eb48686c199d880d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Nov 2019 19:01:42 GMT
server
cloudflare
etag
"5dc70d16-829f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14fef1c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
33439
expires
Sun, 20 Aug 2023 19:10:41 GMT
creamy-chocolate-avocado-smoothie.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/creamy-chocolate-avocado-smoothie.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82168bea85f997368bc4644e6b9d08095d2b8c90e2b9eabc4abfdcb17926e88a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:18:37 GMT
server
cloudflare
etag
"5b518ccd-73a4"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14ff11c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
29604
expires
Sun, 20 Aug 2023 19:10:41 GMT
Paleo-strawberry-coconut-smoothie.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/Paleo-strawberry-coconut-smoothie.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b60cccafb6ec2bf205be958da942e8bbe124dbca10cb1e8eaa75b6ac78a594

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:17:41 GMT
server
cloudflare
etag
"5b518c95-811e"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14ff21c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
33054
expires
Sun, 20 Aug 2023 19:10:41 GMT
Tropical_Coconut_Smoothie_1.jpg
d39ziaow49lrgk.cloudfront.net/wp-content/uploads/2015/03/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ziaow49lrgk.cloudfront.net/wp-content/uploads/2015/03/Tropical_Coconut_Smoothie_1.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:7600:6:66ad:d100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0dde316c3d9f75d80bbdbceac417f7c6f424bf661774de611e048189e2d3879d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
via
1.1 f433681e4e05cd33f208653db4a15b1a.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jul 2018 15:18:16 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
etag
"fcaf0f3f838f3c11724b83e5b9db386a"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31104000
accept-ranges
bytes
content-length
17813
x-amz-cf-id
be47xESHNqJV-8fdzy9NwWIS43cfMoZrmD5Q0HibV8RXR_GX6Bu6rQ==
pina-colada.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/pina-colada.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c9f0e4b833890006bf7258121d6ee3a8c64cd99ace1102c5252c704ea53801

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:18:58 GMT
server
cloudflare
etag
"5b518ce2-116b4"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14ff31c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
71348
expires
Sun, 20 Aug 2023 19:10:41 GMT
healthy-orange-julius.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/healthy-orange-julius.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6beaaf60a3c528376907d26643d53136e843b84566d0aa2132e78a1bb15dae3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:18:48 GMT
server
cloudflare
etag
"5b518cd8-9476"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14ff41c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
38006
expires
Sun, 20 Aug 2023 19:10:41 GMT
PIN-20-Protein-Smoothies-To-Shake-Up-Your-Morning.jpg
blog.paleohacks.com/wp-content/uploads/2019/08/ 		211 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2019/08/PIN-20-Protein-Smoothies-To-Shake-Up-Your-Morning.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2def8d74b52caa3031a35df82df12154ee6e34e29ec27c52d437369af3597fa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Nov 2019 18:57:43 GMT
server
cloudflare
etag
"5dc9af27-34cdb"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14ff51c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
216283
expires
Sun, 20 Aug 2023 19:10:41 GMT
lauren-200x200.jpg
blog.paleohacks.com/wp-content/uploads/2019/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2019/11/lauren-200x200.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3778c38e4bf0bc228b4a8e8460910aabbc263d974ce38873f91bcda88b74c00f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Nov 2019 02:53:15 GMT
server
cloudflare
etag
"5dca1e9b-1f7c"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14ff61c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
8060
expires
Sun, 20 Aug 2023 19:10:41 GMT
Milk-Thistle744.jpg
blog.paleohacks.com/wp-content/uploads/2017/03/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/03/Milk-Thistle744.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc1b42be040850b715a2fcb173c97186ed800d062c9980f661a97a8cd79065df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:17:20 GMT
server
cloudflare
etag
"5b518c80-c5d4"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14ff81c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
50644
expires
Sun, 20 Aug 2023 19:10:41 GMT
Tamale-Pizza-with-Coconut-Flour-Crust744.jpg
blog.paleohacks.com/wp-content/uploads/2019/07/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2019/07/Tamale-Pizza-with-Coconut-Flour-Crust744.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffaeebb54ad82887bbd7cfe1c662054eb944984969a705dd9a2a95e3b853aca0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Nov 2019 19:28:04 GMT
server
cloudflare
etag
"5dc9b644-19c67"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14ff91c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
105575
expires
Sun, 20 Aug 2023 19:10:41 GMT
2.png
blog.paleohacks.com/wp-content/uploads/2013/09/ 		457 KB
457 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2013/09/2.png
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b89954b6e655faac47144f839324f91233f0b13f3b69db03e7af9d95c8949baf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Nov 2019 14:40:21 GMT
server
cloudflare
etag
"5dc6cfd5-72273"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14ffa1c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
467571
expires
Sun, 20 Aug 2023 19:10:41 GMT
Caramel-Protein-Smoothie744.jpg
blog.paleohacks.com/wp-content/uploads/2019/08/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2019/08/Caramel-Protein-Smoothie744.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dea2d76bbfbe2bbc66c90822c011fa7aa316ed8dca2eda5dc0837e22da6d3171

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Nov 2019 18:54:51 GMT
server
cloudflare
etag
"5dc9ae7b-1c991"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14ffc1c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
117137
expires
Sun, 20 Aug 2023 19:10:41 GMT
welcome_background-b846349c1589482f22840fb8684601b7-550x413.jpg
blog.paleohacks.com/wp-content/uploads/2019/12/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2019/12/welcome_background-b846349c1589482f22840fb8684601b7-550x413.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87d0cc6bfa46d38da4abcbc18fb2d5c893c43add2ee2b0f04e0e805cf0455c3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
cf-cache-status
HIT
age
63753
cf-polished
qual=85, origFmt=jpeg, origSize=80925
content-disposition
inline; filename="welcome_background-b846349c1589482f22840fb8684601b7-550x413.webp"
alt-svc
h3=":443"; ma=86400
content-length
7588
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Wed, 04 Dec 2019 21:01:19 GMT
server
cloudflare
etag
"5de81e9f-13c1d"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed14ffd1c7f-FRA
expires
Sun, 20 Aug 2023 01:28:07 GMT
20-Amazing-Paleo-Smoothie-Recipes744.jpg
blog.paleohacks.com/wp-content/uploads/2015/04/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2015/04/20-Amazing-Paleo-Smoothie-Recipes744.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28231c5458fd9cb480d00d3a971a9134dddffa2a54aab14ea6ddace5ef739f12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Nov 2019 15:51:52 GMT
server
cloudflare
etag
"5dc6e098-7baa"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed148001c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
31658
expires
Sun, 20 Aug 2023 19:10:41 GMT
Paleo-Rainbow-Smoothie744.jpg
blog.paleohacks.com/wp-content/uploads/2019/08/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2019/08/Paleo-Rainbow-Smoothie744.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
730f0360a03efcd7bc76a7538f6ec200c0da77f64624dc79741b534a2ecca903

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Nov 2019 18:58:05 GMT
server
cloudflare
etag
"5dc9af3d-21ce8"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed148011c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
138472
expires
Sun, 20 Aug 2023 19:10:41 GMT
11-Protein-Packed-Pancakes744.jpg
blog.paleohacks.com/wp-content/uploads/2016/11/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2016/11/11-Protein-Packed-Pancakes744.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f60666eadab2f7ecd6e58e599c160dffc76df7e32c0280c71231b4dbfd095389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Nov 2019 18:33:32 GMT
server
cloudflare
etag
"5dc7067c-11487"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed148021c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
70791
expires
Sun, 20 Aug 2023 19:10:41 GMT
High-Protein-Paleo-Breakfast-Cookie744.jpg
blog.paleohacks.com/wp-content/uploads/2018/01/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2018/01/High-Protein-Paleo-Breakfast-Cookie744.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5d6118de7369e3f8e06bd343c2c2eb9090573fda398851e33ab22db2026e93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Sun, 10 Nov 2019 01:08:08 GMT
server
cloudflare
etag
"5dc762f8-125b7"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed148031c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
75191
expires
Sun, 20 Aug 2023 19:10:41 GMT
Chocolate-Collagen-Protein-Pancakes-Recipe744.jpg
blog.paleohacks.com/wp-content/uploads/2017/01/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/01/Chocolate-Collagen-Protein-Pancakes-Recipe744.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c629bcf88dc23c20cbc029d9516101ae786d9eec88f8ca477fe09222ecdf2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Nov 2019 19:02:34 GMT
server
cloudflare
etag
"5dc70d4a-12b11"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed148041c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
76561
expires
Sun, 20 Aug 2023 19:10:41 GMT
Morning-Glory-Muffins744.jpg
blog.paleohacks.com/wp-content/uploads/2017/02/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/02/Morning-Glory-Muffins744.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d50d762acfc4719d72e179a807590dfb8c63e4547b83ecc35a82777d218e30c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Jul 2018 07:14:42 GMT
server
cloudflare
etag
"5b518be2-13fec"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed148061c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
81900
expires
Sun, 20 Aug 2023 19:10:41 GMT
instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2020/12/instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0128e563cfdd4beabe1edf1488c57094072f85cec6219dd04a3fb2be5d37cf84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
cf-cache-status
HIT
age
257967
cf-polished
qual=85, origFmt=jpeg, origSize=13651
content-disposition
inline; filename="instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.webp"
alt-svc
h3=":443"; ma=86400
content-length
10232
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Fri, 11 Dec 2020 03:23:53 GMT
server
cloudflare
etag
"5fd2e649-3553"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed148071c7f-FRA
expires
Thu, 17 Aug 2023 19:31:13 GMT
Breadfruit-Flour-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2020/10/Breadfruit-Flour-350x263.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
869d3767805b1c7b11b2df755e7cb769ee1b450553d87c374e19cb535a6afd2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
cf-cache-status
HIT
age
2081303
cf-polished
degrade=85, origSize=19193, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
13929
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Tue, 20 Oct 2020 21:03:53 GMT
server
cloudflare
etag
"5f8f50b9-4af9"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed148081c7f-FRA
expires
Thu, 27 Jul 2023 17:02:17 GMT
The-14-Day-Keto-Meal-Plan800-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/09/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2020/09/The-14-Day-Keto-Meal-Plan800-350x263.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3e0e5db2674fb727b63871f299ea9f146ce45e3e3ed0c583f4ffdfb6fafb7ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
cf-cache-status
HIT
age
2509806
cf-polished
qual=85, origFmt=jpeg, origSize=36409
content-disposition
inline; filename="The-14-Day-Keto-Meal-Plan800-350x263.webp"
alt-svc
h3=":443"; ma=86400
content-length
30954
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Thu, 17 Sep 2020 22:14:02 GMT
server
cloudflare
etag
"5f63dfaa-8e39"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed1480a1c7f-FRA
expires
Sat, 22 Jul 2023 18:00:34 GMT
The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.jpg
blog.paleohacks.com/wp-content/uploads/2019/03/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2019/03/The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
755313ac3cb953d818fd8f3344a3ebf9fd2101223dffa2278b5499e927f9a574

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
cf-cache-status
HIT
age
2035454
cf-polished
qual=85, origFmt=jpeg, origSize=109440
content-disposition
inline; filename="The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.webp"
alt-svc
h3=":443"; ma=86400
content-length
74830
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Mon, 11 Nov 2019 20:19:53 GMT
server
cloudflare
etag
"5dc9c269-1ab80"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed1480b1c7f-FRA
expires
Fri, 28 Jul 2023 05:46:26 GMT
The-7-Best-Natural-Substitutes-for-White-Sugar744.jpg
blog.paleohacks.com/wp-content/uploads/2019/07/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2019/07/The-7-Best-Natural-Substitutes-for-White-Sugar744.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79fa1e22ae47fd00860dad5c471b16c686c8373b4767145929fc1ff1e2dba07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
cf-cache-status
HIT
age
898866
cf-polished
qual=85, origFmt=jpeg, origSize=83320
content-disposition
inline; filename="The-7-Best-Natural-Substitutes-for-White-Sugar744.webp"
alt-svc
h3=":443"; ma=86400
content-length
57376
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Mon, 11 Nov 2019 19:28:12 GMT
server
cloudflare
etag
"5dc9b64c-14578"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed1480d1c7f-FRA
expires
Thu, 10 Aug 2023 09:29:34 GMT
9-Easy-Yoga-Poses-to-Reverse-Bad-Posture744.jpg
blog.paleohacks.com/wp-content/uploads/2018/05/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2018/05/9-Easy-Yoga-Poses-to-Reverse-Bad-Posture744.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac69914e2139f8eddaee80cb7e3a59b78356cf4a9c638af0cc6f0c147471a455

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
cf-cache-status
HIT
age
86906
cf-polished
qual=85, origFmt=jpeg, origSize=50376
content-disposition
inline; filename="9-Easy-Yoga-Poses-to-Reverse-Bad-Posture744.webp"
alt-svc
h3=":443"; ma=86400
content-length
46494
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Sun, 10 Nov 2019 01:36:34 GMT
server
cloudflare
etag
"5dc769a2-c4c8"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed1480f1c7f-FRA
expires
Sat, 19 Aug 2023 19:02:14 GMT
paleohacks-logo-black-1.png
blog.paleohacks.com/wp-content/uploads/2017/08/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/08/paleohacks-logo-black-1.png
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708970c58cd4f871a3f3ffb9309d7e696a537afd00fc7e0d78ccf21137032136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
cf-cache-status
HIT
age
58261
cf-polished
origFmt=png, origSize=3119
content-disposition
inline; filename="paleohacks-logo-black-1.webp"
alt-svc
h3=":443"; ma=86400
content-length
2012
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Sat, 09 Nov 2019 20:01:17 GMT
server
cloudflare
etag
"5dc71b0d-c2f"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bed148121c7f-FRA
expires
Sun, 20 Aug 2023 02:59:39 GMT
pinit.js
assets.pinterest.com/js/ 		361 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:5a1::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=294
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
203
cookie-popup.js
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-popup.js?ver=2.9
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11715aec7f7cf76332d464d65a2ce85ed2c12fc4a90cadf0e191418af2df3d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 22 Jun 2021 13:05:01 GMT
server
cloudflare
age
528628
cf-polished
origSize=21011
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed12f811c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 22 Jul 2023 16:20:12 GMT
jquery.base64.min.js
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 		2 KB
927 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/jquery.base64.min.js?ver=2.9
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Jun 2021 13:05:01 GMT
server
cloudflare
age
89180
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fb51c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 27 Jul 2023 18:24:20 GMT
shared-counts.min.js
blog.paleohacks.com/wp-content/plugins/Shared-Counts-develop/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/Shared-Counts-develop/assets/js/shared-counts.min.js?ver=1.4.0
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79148d3b353f75f4b122ec75e03dd4470a1878599a5f148123f103cfdae350ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Oct 2019 15:03:04 GMT
server
cloudflare
age
518561
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fb71c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 22 Jul 2023 19:07:59 GMT
front.js
blog.paleohacks.com/wp-content/plugins/other-popular-articles/assets/js/ 		428 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/other-popular-articles/assets/js/front.js?ver=1689966639
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d7b13e7c438f4fb9c6b2f9940e9193c9a25c1bb1ed4625d1badbac8882db2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Aug 2018 12:45:14 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fba1c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 28 Jul 2023 19:10:41 GMT
popup.js
blog.paleohacks.com/wp-content/plugins/paleohacks-tools-soften-it/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/paleohacks-tools-soften-it/assets/js/popup.js?ver=1689966639
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222e024a119ff514e245cc07990f912a400c337efce19b567a6661d23c310938

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 13 Apr 2019 00:14:12 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fbb1c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 28 Jul 2023 19:10:41 GMT
556.js
blog.paleohacks.com/wp-content/uploads/415/578/public/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/uploads/415/578/public/assets/js/556.js?ver=1.8.1
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4c6a39cdb1f2dab900d10c83275e2e72e795325924c731d8fa0c49b9ec5ccb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 22 Jun 2021 13:10:26 GMT
server
cloudflare
age
528628
cf-polished
origSize=5914
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fbe1c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 22 Jul 2023 16:20:12 GMT
comment-reply.min.js
blog.paleohacks.com/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-includes/js/comment-reply.min.js?ver=5.5.12
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Apr 2021 11:54:45 GMT
server
cloudflare
age
217868
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fbf1c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 26 Jul 2023 06:39:32 GMT
hoverIntent.min.js
blog.paleohacks.com/wp-includes/js/ 		1 KB
713 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Apr 2021 11:54:45 GMT
server
cloudflare
age
312536
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fc11c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jul 2023 04:21:44 GMT
superfish.min.js
blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Oct 2020 19:10:24 GMT
server
cloudflare
age
303923
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fc21c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jul 2023 06:45:17 GMT
skip-links.min.js
blog.paleohacks.com/wp-content/themes/genesis/lib/js/ 		386 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.3
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Oct 2020 19:10:24 GMT
server
cloudflare
age
60114
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fc31c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 28 Jul 2023 02:28:46 GMT
mai-theme.min.js
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-theme.min.js?ver=1.11.9
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 13:06:36 GMT
server
cloudflare
age
60114
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fc51c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 28 Jul 2023 02:28:46 GMT
basic-scroll.min.js
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/basic-scroll.min.js?ver=3.0.2
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 13:06:36 GMT
server
cloudflare
age
303923
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fc71c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jul 2023 06:45:17 GMT
mai-scroll.min.js
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-scroll.min.js?ver=1.11.9
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 13:06:36 GMT
server
cloudflare
age
60113
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fc81c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 28 Jul 2023 02:28:47 GMT
fitvids.min.js
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 		2 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids.min.js?ver=1.2.0
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 13:06:36 GMT
server
cloudflare
age
60113
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fca1c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 28 Jul 2023 02:28:47 GMT
fitvids-init.min.js
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 		68 B
282 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids-init.min.js?ver=1.11.9
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Apr 2021 13:06:36 GMT
server
cloudflare
age
60113
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fcc1c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 28 Jul 2023 02:28:47 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?ver=20160428
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb143f3ca45bc083c04df6a4191b22a3cdde9dbee39960f09672f8c5e9e001b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Jul 2023 19:10:40 GMT
content-md5
V+8SnFosUnEJXoxNAvbatQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-debug
u+vIQdAIkXJZDmd+MWlNvcmJ9KlR0poXLlDgIH2Z00esxTa8yCTBvgohM3lbhinpnfY7U6aaXOxSBfXOUMucCA==
x-fb-content-md5
8f979859df79bfe9f62fa8a06e601a5b
cross-origin-opener-policy
same-origin-allow-popups
etag
"8a0bd3c835c41ef2199b406d47efdb98"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 21 Jul 2023 19:30:40 GMT
sspop.js
blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/js/sspop.js?ver=20160428
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0d6c798742eedb9be8babd47ebaaace2c45e45d1bb86a4b1bf55a827980b91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Aug 2018 12:45:14 GMT
server
cloudflare
age
129126
cf-polished
origSize=4756
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fce1c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 27 Jul 2023 07:18:33 GMT
ea-share-count-support.js
blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/js/ea-share-count-support.js?ver=10.9.9
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
337548e5a49f9b0543f04e26958548f23cf9914ba71aecc4de6005597dd7a910

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Aug 2018 12:45:14 GMT
server
cloudflare
age
129126
cf-polished
origSize=3949
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
cf-ray
7ea5bed14fcf1c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 27 Jul 2023 07:18:33 GMT
universal-script
178194.tracking.hyros.com/v1/lst/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://178194.tracking.hyros.com/v1/lst/universal-script?ph=be1460aad6057c7a1655c8e1f69701db974993aa8c5a8087d36bd921dbbd93db&tag=!tracking
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.79.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-79-246.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
gtm.js
www.googletagmanager.com/ 		230 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ccd8afe56f0b455bba1b1ccba0eef363becc19167f7f2c4ba5e99c503311ead
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83576
x-xss-protection
0
last-modified
Fri, 21 Jul 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Jul 2023 19:10:40 GMT
symbol-defs.svg
blog.paleohacks.com/wp-content/plugins/simple-social-icons/ 		19 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/simple-social-icons/symbol-defs.svg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 14 May 2020 13:04:10 GMT
server
cloudflare
age
2119629
etag
W/"5ebd41ca-4b81"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
cf-ray
7ea5bed148131c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 27 Jul 2023 06:23:31 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.paleohacks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 00:21:44 GMT
x-content-type-options
nosniff
age
586136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 00:21:44 GMT
sdk.js
connect.facebook.net/en_US/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=3be4881e421d35fd2bb75609aea48703
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6974d0dc9ca9cac6831ba21bba9a0fcb1ac3067714c685da2245248b57b30b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://blog.paleohacks.com/
Origin
https://blog.paleohacks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Jul 2023 19:10:40 GMT
content-md5
wBMQ0udNy6/SoPyS54prIg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88733
x-fb-debug
CEtQxWJid6Fmw2rUQAAu+sBw1hRhev+LnHOG+aCLh9ZZhTxHjLdET3z+5KlEU7Mko4x4Ooqah1+SBuxMWbssMA==
x-fb-content-md5
93f354a0cca5aae240108c9396fe414d
cross-origin-opener-policy
same-origin-allow-popups
etag
"7c8a2d8cd296496ac0460af75259d7b4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 20 Jul 2024 17:38:46 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=510626776365517&ev=fb_page_view&dl=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&rl=&if=false&ts=1689966640969&sw=1600&sh=1200&at=
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 21 Jul 2023 19:10:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/?random=1689966641003&cv=11&fst=1689966641003&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&hn=www.googleadservices.com&frm=0&tiba=20%20Paleo%20Protein%20Smoothies%20To%20Shake%20Up%20Your%20Morning%20%7C%20PaleoHacks%20Blog&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdfac542ba02fe75587505204e34f28ddc1c385b810f4f1a2878e1b792eb0a8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1368
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Jul 2023 19:04:37 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
364
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 21 Jul 2023 21:04:37 GMT
fbevents.js
connect.facebook.net/en_US/ 		171 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5facf3ca997fd8a7658579d40b8bc44a659e12df5b45b2f1f1713f987b86366c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 21 Jul 2023 19:10:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
46993
x-xss-protection
0
pragma
public
x-fb-debug
v+3YClsl1ZBMhIhba0HMszCDqljCo92CJGFxQnxnsa+b28mi78t5S1/5ebNTOuP/R5yc1Y1bBFMzQqm6kwa6/A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
core.js
s.pinimg.com/ct/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:5a1::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
682b27e54462f82c7d74362de52e2aa29a0a0fa5edc381d664970eb94470fc5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"b890a703adcb559f5e5d300aa7e4294f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
content-length
1466
jquery-3.5.1.min.js
track.mypaleorecipe.com/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Nov 2021 03:31:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15d86-5d052be3dfc43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTPZfX%2BgKyzNaDlu7B%2F1bEwmyQVpFjCJ1uX4225Pnf7epan6nr7fQMVn4DPYrRyY693Ra7I1KOsppYRMO7nq8DpXRJKgM7K9pAPW8U9Dz2LQkb6sZ3wC87PHbtrD%2FgG3FfYT%2Fd7tqfU5VrHWwxGuhl0A2G6coQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7ea5bed2a91c37d7-FRA
alt-svc
h3=":443"; ma=86400
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 13:20:49 GMT
content-encoding
gzip
age
20992
x-guploader-uploadid
ADPycdtUh3fBJi_4LUfg2sWwOy7c6S-NI5bNbe2LYu7axwu2brEIqwVKOCMkqe0U3KIdXR-013EX_NDV_NECqgj4DfkXK5UPaUAe
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17969
last-modified
Fri, 05 May 2023 17:33:19 GMT
server
UploadServer
etag
"6eb612a000fc103e2769e576a68fc412"
vary
Accept-Encoding
x-goog-generation
1683307999305716
x-goog-hash
crc32c=6XUl6A==, md5=brYSoAD8ED4naeV2po/EEg==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=86400
x-goog-stored-content-length
17969
accept-ranges
bytes
expires
Sat, 22 Jul 2023 13:20:49 GMT
js
www.googletagmanager.com/gtag/ 		227 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cdce925f223974f8773c5eb201d2260afeb72b04a0699a64c7bf07ee1ca35b28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81530
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 21 Jul 2023 19:10:41 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/ 		391 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 10:57:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
29608
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127551
x-xss-protection
0
server
cafe
etag
10618836103773446959
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 20 Jul 2024 10:57:13 GMT
main.bd3e0b05.js
s.pinimg.com/ct/lib/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.bd3e0b05.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:5a1::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ab6456ef0246f3d40fdb403bd81fed03ba17c7541266b465f06cc32f86649a73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"6dcfe4ec85689b22c849d9ef7f4b6487"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18133
405752247076167
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/405752247076167?v=2.9.116&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
679a1fcf545ea5d1a751b5a0fc4be99f73f4f2ee22fbfb3f0a90fdf6684b49fd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 21 Jul 2023 19:10:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110180
x-xss-protection
0
pragma
public
x-fb-debug
IlAfB9eVPxwUEyO+97zvTkevQJXQPShDGP1QyNNNepdsFQZA2QQdUhsKx646wF+ZSI7ZckiN1fPVgWAfdh4pLg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/ 		568 B
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2615989242318&cb=1689966641060&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.ccd5ce17.1689966641.8f8e22f
x-envoy-upstream-service-time
1
content-length
385
x-pinterest-rid
1008599005977811
pin-unauth
dWlkPVpqUTRPRFZtWm1JdE5tTm1ZeTAwTnpBNUxXSXhOMll0T1dKa1pXUm1abVF3TkRVNA
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://blog.paleohacks.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:06:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Jul 2023 20:06:41 GMT
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=829265085&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&ul=en-us&de=UTF-8&dt=20%20Paleo%20Protein%20Smoothies%20To%20Shake%20Up%20Your%20Morning%20%7C%20PaleoHacks%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAjAAAAACAAI~&jid=1504321185&gjid=535367918&cid=1509868738.1689966641&tid=UA-42752472-1&_gid=906201907.1689966641&_r=1&_slc=1&gtm=45He37j0n81TJTDCJG&cd1=recipes&cd2=March%2018%2C%202017&cd3=Lauren%20Fellows&cd5=drink-recipes%2Crecipe-collections%2Csmoothie-recipes%2Cvegetarian&z=1336498834
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.paleohacks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.paleohacks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2615989242318&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22bd3e0b05%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1689966641084
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.ccd5ce17.1689966641.8f8e231
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
1138547392446857
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-QMKQQWEFHC&gtm=45je37j0&_p=829265085&_gaz=1&cid=1509868738.1689966641&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689966641&sct=1&seg=0&dl=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&dt=20%20Paleo%20Protein%20Smoothies%20To%20Shake%20Up%20Your%20Morning%20%7C%20PaleoHacks%20Blog&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.paleohacks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QMKQQWEFHC&cid=1509868738.1689966641&gtm=45je37j0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.paleohacks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QMKQQWEFHC&cid=1509868738.1689966641&gtm=45je37j0&aip=1&z=1714137823
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		96 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1445756710213098&correlator=2279871784299014&eid=31072019%2C31075029%2C44797786&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fifs&iu_parts=55892584%2CPH300x2502%2CPHBlog300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C300x250&ifi=1&adks=79842087%2C1706127594&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1689966641160&lmt=1689966641&dlt=1689966640319&idt=809&adxs=-9%2C1100&adys=-9%2C1505&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&frm=20&vis=1&psz=0x-1%7C300x250&msz=0x-1%7C300x-1&fws=2%2C4&ohw=0%2C1600&ga_vid=1509868738.1689966641&ga_sid=1689966641&ga_hid=829265085&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75ffa5acf4d8d7334fb1737f7353046bcc162e41d94117a25eb08bd8bf522aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19656
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://blog.paleohacks.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A85C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:41 GMT
expires
Sat, 20 Jul 2024 19:10:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42752472-1&cid=1509868738.1689966641&jid=1504321185&gjid=535367918&_gid=906201907.1689966641&_u=YEBAAEAiAAAAACAAI~&z=1560543286
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.paleohacks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 21 Jul 2023 19:10:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.paleohacks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/955239029/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/955239029/?random=1689966641003&cv=11&fst=1689966000000&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&frm=0&tiba=20%20Paleo%20Protein%20Smoothies%20To%20Shake%20Up%20Your%20Morning%20%7C%20PaleoHacks%20Blog&fmt=3&is_vtc=1&random=2657143912&rmt_tld=0&ipr=y
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/955239029/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/955239029/?random=1689966641003&cv=11&fst=1689966000000&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&frm=0&tiba=20%20Paleo%20Protein%20Smoothies%20To%20Shake%20Up%20Your%20Morning%20%7C%20PaleoHacks%20Blog&fmt=3&is_vtc=1&random=2657143912&rmt_tld=1&ipr=y
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=405752247076167&ev=PageView&dl=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&rl=&if=false&ts=1689966641186&sw=1600&sh=1200&v=2.9.116&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1689966641185.7796007&cs_est=true&it=1689966641052&coo=false&tm=1&rqm=GET
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 21 Jul 2023 19:10:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=405752247076167&ev=PageView&dl=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&rl=&if=false&ts=1689966641188&sw=1600&sh=1200&v=2.9.116&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1689966641185.7796007&cs_est=true&it=1689966641052&coo=false&rqm=GET
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 21 Jul 2023 19:10:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=829265085&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&ul=en-us&de=UTF-8&dt=20%20Paleo%20Protein%20Smoothies%20To%20Shake%20Up%20Your%20Morning%20%7C%20PaleoHacks%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAACAAI~&jid=2028831186&gjid=1795862148&cid=1509868738.1689966641&tid=UA-81910700-1&_gid=906201907.1689966641&_slc=1&gtm=45He37j0n81TJTDCJG&z=26131819
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.paleohacks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.paleohacks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-81910700-1&cid=1509868738.1689966641&jid=2028831186&gjid=1795862148&_gid=906201907.1689966641&_u=aGDAiEAjBAAAAGAAI~&z=243204155
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.paleohacks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 21 Jul 2023 19:10:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.paleohacks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42752472-1&cid=1509868738.1689966641&jid=1504321185&_u=YEBAAEAiAAAAACAAI~&z=1348516900
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42752472-1&cid=1509868738.1689966641&jid=1504321185&_u=YEBAAEAiAAAAACAAI~&z=1348516900
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-81910700-1&cid=1509868738.1689966641&jid=2028831186&_u=aGDAiEAjBAAAAGAAI~&z=483836403
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-81910700-1&cid=1509868738.1689966641&jid=2028831186&_u=aGDAiEAjBAAAAGAAI~&z=483836403
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
can-i-show.js
paleohacks.lpages.co/static/all/js/ 		21 B
211 B 		Script
General
Check archive.org
Download Go to
Full URL
https://paleohacks.lpages.co/static/all/js/can-i-show.js
Requested by
Host: paleohacks.lpages.co
URL: https://paleohacks.lpages.co/leadbox-1556322866.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
5517acae2f83cb92cf756a98d0f93e094084763764a615d3c60f4a0ffa5d38da
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
strict-transport-security
max-age=15768000
content-encoding
br
server
Leadpages
etag
W/"9la2GA"
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
application/javascript
cache-control
no-cache
smtr
contextual.media.net/ 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?&Nu=*6KRL*Dt51lJ7r6w9D%24Iw&kkdd=**%7CH%7CA*9n&.6=-QEiiQQQFeImi-mE)-C&kRy_=-&59yr=e&79NJ=d)e-&N6R=E4jqCqCeE&NyNR=SPKPNhAKpG.P.my*P~Tv~A%3D%3D&N_6R=m)QQIm)IE&96BJ=Ceec)Ie&NN=lf&9N=Yf&o77y9=-&_J3M_w=o77y9%3A%2F%2FuwLkDyrwJLorNv9DNL5%2Fy_L7J6Kn95LL7o6J9%2F%3F5yNr5yr6kK6R%3D-eeFE))-&K9J=I&w*=-&MkR=F&v77wJ=)e%20V_L7J6K%20g5LL7o6J9%20Por7%20Pr97J%20d6vJ%20O6wv9orvJ9&5Nz=)mQ)I&yk6R=y--mE)EmFmQF7)e)Cem)--i-e&Ku=-
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUG3G308
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae46c3d5e92b3a5b4a090c61a6cde0dc7cbdb70222cd7a32e6c4cc1734bbddb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-ljwt
content-length
29530
expires
Fri, 21 Jul 2023 19:10:41 GMT
checksync.php
contextual.media.net/ Frame 30EA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CUG3G308&https=1&itype=CM
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c833f74357d565730d9c30fff3e8fd9a8c3fb0d6ed6a39e0312f42c291977ebd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5916
content-type
text/html; charset=UTF-8
date
Fri, 21 Jul 2023 19:10:41 GMT
expires
Sun, 23 Jul 2023 19:10:41 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ 		35 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=585&&vgd_cdv=1021&vgd_cage=1&vgd_tsce=L201&vgd_mcf=27625&gdpr=1&mspa=0&prid=8PRHGG6T9&cid=8CUG3G308&crid=726657258&vi=1689966640579178213&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785163&r=1689966641293&requrl=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=28753&vgd_rakh=1689966640173920333&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p11782874764t202307211910&vgd_pgids=1&vgd_uspa=0&hvsid=00001689966641287006245729282985&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Fri, 21 Jul 2023 19:10:41 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 21 Jul 2023 19:10:41 GMT
/
api.ipify.org/ Frame 		0
0
/
api.ipify.org/ 		0
0
pinit_main.js
assets.pinterest.com/js/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.03311200815858362
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:5a1::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"3725764cf05d1a0938de73d398772331"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=261
accept-ranges
bytes
content-length
18679
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=829265085&t=event&ni=Yes&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&ul=en-us&de=UTF-8&dt=20%20Paleo%20Protein%20Smoothies%20To%20Shake%20Up%20Your%20Morning%20%7C%20PaleoHacks%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=leadbox&ea=show&el=Breakfast%20Recipes%20Lead%20Magnet&_u=aGDACEAjBAAAAGAAI~&jid=&gjid=&cid=1509868738.1689966641&tid=UA-42752472-1&_gid=906201907.1689966641&gtm=45He37j0n81TJTDCJG&z=1918258342
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 23:27:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70987
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 63F8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:41 GMT
expires
Sat, 20 Jul 2024 19:10:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dr
as.ad4m.at/ad/ Frame 64CA 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1httgmjmr6vqywqsb2v6k0bmdxgphhbveewss28mr1bhsr8tj0kapj9bmegjmqpf7vrd2a0wjrsbakrhkefz7n1a6ctc8p76sb0fxx0nc154m3kyawvh0y3k2x8ck0eqzdpvtfr525pnr99f29yjxjyhbttmznb0brfhbjv5gweam1zapq8w4a9v76nc1fp37gx8capsyz6zg9zrab6as1sa2b4nxs59q8g380ehz0hw19cnq5bb7f72ghhn95s0eqxg8k289fx4fe01acj5at1nt725j0mrwmbm5w9gemxg25vev0813j4vv0tndyhcrvqzpqcdxwjeaq1ck73eczewhy9ftfrb6ccc8bvhtf14n37dvdhj5603f5fqhj0vw3k74vwxr1146mt69bwe4ypxj2w9qx5r7sphndf2efwjzb5p32q0001w9zbkhdnf3hb7s2pa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%26client%3Dca-pub-5144389657785565%26adurl%3D
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae85b3a62e03f6cec749c1e847d6564d6f0c7479be7e7b97d0b48716d0467e8b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ea5bed55c2b91e4-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:41 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 80F5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 13:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
19995
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Aug 2023 13:37:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8F09 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19422
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 13:46:59 GMT
etag
48472445140208031
expires
Sat, 22 Jul 2023 13:46:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 80F5 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 17:23:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
6414
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8309
x-xss-protection
0
server
cafe
etag
1379281626718990200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Aug 2023 17:23:47 GMT
l
www.google.com/ads/measurement/ Frame 80F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJzDjwaAQLQmb1Uilzos7e39lwEY63BV2WUHJFgCZYVvBgzfnOPw1T2nkS5H01Vm4dKe5o37qleu97jmjaBbbxQ43yug
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 80F5 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 13:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
21369
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jul 2024 13:14:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 80F5 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Jul 2023 19:10:41 GMT
truncated
/ Frame 80F5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5118f86a504411f4695fec489aa3adf6a2db467a953752c820821098ab1d29c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8F09
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESED9ydCR3xVkuesM4-2VNe7s&google_cver=1&google_push=AaAOQGGDEaXlBVt1W49svLXeVbZRJmmOFMeczfQGgbBG27k7elWn4kmyurYcFwa0LThb2BJIyIJCFDHZM7cObQ1dy8CeePNehpAjjw
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUyMjQ2Nzk3MDkxNDc5MDg3OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED9ydCR3xVkuesM4-2VNe7s&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED9ydCR3xVkuesM4-2VNe7s&google_cver=1
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED9ydCR3xVkuesM4-2VNe7s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8F09
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP97oh-_hphHypI-RKTH6vI&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP97oh-_hphHypI-RKTH6vI&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkpBZUtmaDcxUW1Wd3Q1&google_gid=CAESEP97oh-_hphHypI-RKTH6vI&google_cver=1&google_push=AaAOQGEdcjunluTmc7YYlDbH3ZMAGxVZwRCx8g-Hm9reMqF...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkpBZUtmaDcxUW1Wd3Q1&google_gid=CAESEP97oh-_hphHypI-RKTH6vI&google_cver=1&google_push=AaAOQGEdcjunluTmc7YYlDbH3ZMAGxVZwRCx8g-Hm9reMqFbbOPbotmdwtxeYVpx7WkUZB-y59MTlIvB7DYPOq_tnkCm7ZgF5vjn
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Jul 2023 19:10:41 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-0ee6b652682556fe2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkpBZUtmaDcxUW1Wd3Q1&google_gid=CAESEP97oh-_hphHypI-RKTH6vI&google_cver=1&google_push=AaAOQGEdcjunluTmc7YYlDbH3ZMAGxVZwRCx8g-Hm9reMqFbbOPbotmdwtxeYVpx7WkUZB-y59MTlIvB7DYPOq_tnkCm7ZgF5vjn
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 8F09
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDPvHCbhoQkEXnuupLWVtTE&google_cver=1&google_push=AaAOQGE-j-DO3bxNLcCF_KKQIf1UuoBLodo3AcWq0wy0hYu8SAp0YePFFN9cczdVlBBoP1aGVxNdZYVkDWb-_AMMBmfd0aGPFHqwM...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDPvHCbhoQkEXnuupLWVtTE&google_cver=1&google_push=AaAOQGE-j-DO3bxNLcCF_KKQIf1UuoBLodo3AcWq0wy0hYu8SAp0YePFFN9cczdVlBBoP1aGVxNdZYVkDWb-_AMMBmfd0aGPFHq...
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDPvHCbhoQkEXnuupLWVtTE&google_cver=1&google_push=AaAOQGE-j-DO3bxNLcCF_KKQIf1UuoBLodo3AcWq0wy0hYu8SAp0YePFFN9cczdVlBBoP1aGVxNdZYVkDWb-_AMMBmfd0aGPFHqwMQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE-j-DO3bxNLcCF_KKQIf1UuoBLodo3AcWq0wy0hYu8SAp0YePFFN9cczdVlBBoP1aGVxNdZYVkDWb-_AMMBmfd0aGPFHqwMQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7ea5bed73ec84dbd-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
615
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDPvHCbhoQkEXnuupLWVtTE&google_cver=1&google_push=AaAOQGE-j-DO3bxNLcCF_KKQIf1UuoBLodo3AcWq0wy0hYu8SAp0YePFFN9cczdVlBBoP1aGVxNdZYVkDWb-_AMMBmfd0aGPFHqwMQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE-j-DO3bxNLcCF_KKQIf1UuoBLodo3AcWq0wy0hYu8SAp0YePFFN9cczdVlBBoP1aGVxNdZYVkDWb-_AMMBmfd0aGPFHqwMQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7ea5bed5ac8a4dbd-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8F09
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECZrCINdIHXjSPdbvnvErLw&google_cver=1&google_push=AaAOQGGwCxRPmjV4vFTnkDlXKhsqEqIZDSJN2zS8G_SyV-hoFMna1q11RdlHLrKiqrjvdO_Amq06t9BeXofprd...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1ODM1MTQ1NDQ0MjIyMzc1OQ%3D%3D&google_push=AaAOQGGwCxRPmjV4vFTnkDlXKhsqEqIZDSJN2zS8G_SyV-hoFMna1q11RdlHLrKiqrjvdO_Amq06t9BeXofprd_vdE...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1ODM1MTQ1NDQ0MjIyMzc1OQ%3D%3D&google_push=AaAOQGGwCxRPmjV4vFTnkDlXKhsqEqIZDSJN2zS8G_SyV-hoFMna1q11RdlHLrKiqrjvdO_Amq06t9BeXofprd_vdEZ3MtcqSYsIpw
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1ODM1MTQ1NDQ0MjIyMzc1OQ%3D%3D&google_push=AaAOQGGwCxRPmjV4vFTnkDlXKhsqEqIZDSJN2zS8G_SyV-hoFMna1q11RdlHLrKiqrjvdO_Amq06t9BeXofprd_vdEZ3MtcqSYsIpw
Date
Fri, 21 Jul 2023 19:10:41 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
trk
ag.innovid.com/ Frame 8F09 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHkurj0Zx8xJZBquhsmHu9k&google_cver=1&google_push=AaAOQGE0VLr8iuvhLyi2tzSIDPfPa91-Gf2BMZ2KnfmXtpS427V4HgiGl8uXnTKaUO_XfJiWrKpbaksRn4eSexv8pABcMrjgJfVo_w
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8100:141f:37a7:c589:e0b2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1
pixel
cm.g.doubleclick.net/ Frame 8F09
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEL5MW_5ocvYCVbC9Tssj6QE&google_cver=1&google_push=AaAOQGFbC-sTOLx32w2Q0fzYhub-cVCqTGjGuEVV4CajLFUD5G20Pq-yQmOi-eH5FOI0gzok_z0nISGpmm1j...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFbC-sTOLx32w2Q0fzYhub-cVCqTGjGuEVV4CajLFUD5G20Pq-yQmOi-eH5FOI0gzok_z0nISGpmm1jmdwQMIOp4jgcmofY
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFbC-sTOLx32w2Q0fzYhub-cVCqTGjGuEVV4CajLFUD5G20Pq-yQmOi-eH5FOI0gzok_z0nISGpmm1jmdwQMIOp4jgcmofY
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFbC-sTOLx32w2Q0fzYhub-cVCqTGjGuEVV4CajLFUD5G20Pq-yQmOi-eH5FOI0gzok_z0nISGpmm1jmdwQMIOp4jgcmofY
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
googleredir
googlecm.hit.gemius.pl/ Frame 8F09 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 8F09 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqHjGAyuKgCSqhwvmC8XX_89ba5gH2d0o8xWNkKlW2J8vryuMdGwo6dYLA0hyxpD4Gfk_1ng
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 64CA 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1httgmjmr6vqywqsb2v6k0bmdxgphhbveewss28mr1bhsr8tj0kapj9bmegjmqpf7vrd2a0wjrsbakrhkefz7n1a6ctc8p76sb0fxx0nc154m3kyawvh0y3k2x8ck0eqzdpvtfr525pnr99f29yjxjyhbttmznb0brfhbjv5gweam1zapq8w4a9v76nc1fp37gx8capsyz6zg9zrab6as1sa2b4nxs59q8g380ehz0hw19cnq5bb7f72ghhn95s0eqxg8k289fx4fe01acj5at1nt725j0mrwmbm5w9gemxg25vev0813j4vv0tndyhcrvqzpqcdxwjeaq1ck73eczewhy9ftfrb6ccc8bvhtf14n37dvdhj5603f5fqhj0vw3k74vwxr1146mt69bwe4ypxj2w9qx5r7sphndf2efwjzb5p32q0001w9zbkhdnf3hb7s2pa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1httgmjmr6vqywqsb2v6k0bmdxgphhbveewss28mr1bhsr8tj0kapj9bmegjmqpf7vrd2a0wjrsbakrhkefz7n1a6ctc8p76sb0fxx0nc154m3kyawvh0y3k2x8ck0eqzdpvtfr525pnr99f29yjxjyhbttmznb0brfhbjv5gweam1zapq8w4a9v76nc1fp37gx8capsyz6zg9zrab6as1sa2b4nxs59q8g380ehz0hw19cnq5bb7f72ghhn95s0eqxg8k289fx4fe01acj5at1nt725j0mrwmbm5w9gemxg25vev0813j4vv0tndyhcrvqzpqcdxwjeaq1ck73eczewhy9ftfrb6ccc8bvhtf14n37dvdhj5603f5fqhj0vw3k74vwxr1146mt69bwe4ypxj2w9qx5r7sphndf2efwjzb5p32q0001w9zbkhdnf3hb7s2pa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%26client%3Dca-pub-5144389657785565%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
806254
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNePAb7jJWa48VWUCDLB1UFhxLKvPd%2BX5vutyBbc%2FRG7om7FrdBFFA9GSnMslObjDtKp4FeIPssef%2B4ElDNrascTArMN34IaQ0Nq59K0zPBPmHqXR7zjB4ajkuQNq044TX5A%2BBR1kv0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ea5bed58c8491e4-FRA
expires
Fri, 21 Jul 2023 20:10:41 GMT
r62eglto.js
ad4m.at/ Frame 64CA 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1httgmjmr6vqywqsb2v6k0bmdxgphhbveewss28mr1bhsr8tj0kapj9bmegjmqpf7vrd2a0wjrsbakrhkefz7n1a6ctc8p76sb0fxx0nc154m3kyawvh0y3k2x8ck0eqzdpvtfr525pnr99f29yjxjyhbttmznb0brfhbjv5gweam1zapq8w4a9v76nc1fp37gx8capsyz6zg9zrab6as1sa2b4nxs59q8g380ehz0hw19cnq5bb7f72ghhn95s0eqxg8k289fx4fe01acj5at1nt725j0mrwmbm5w9gemxg25vev0813j4vv0tndyhcrvqzpqcdxwjeaq1ck73eczewhy9ftfrb6ccc8bvhtf14n37dvdhj5603f5fqhj0vw3k74vwxr1146mt69bwe4ypxj2w9qx5r7sphndf2efwjzb5p32q0001w9zbkhdnf3hb7s2pa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
268828
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQ%2BNnK7MgKBm0GHv7et9%2F%2BX6thoi7xm0VUNk8cXA1J3YB99CcBZ3tu2SOq7bjYPzIg2hgxKkax5NG4%2F0AZNcDK57Bd1Iel39%2FPRegmUyWX2gkaXUMirH5lFL7IyT7CKleuSUKlQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7ea5bed59c9f91e4-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 18 Jul 2023 16:30:13 GMT
jquery.cookie.js
track.mypaleorecipe.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.mypaleorecipe.com/js/jquery.cookie.js?v=1.0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Tue, 09 Nov 2021 03:31:23 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=3254
etag
W/"cb6-5d052be67bb4e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ql3z5J34uCdzf4XDkmuAoxXBEgUVtp8Fbfccb3I3zJmBcYdCHbo2gn82LFAJKBN1KS3%2FsC4O7ao7SZkxrjNejwkOmvDOmaiP3FoMvThi5lt1wBOAZEvns%2BnUkz5KAZRLXntyVlCO0FcUlGORCXlTZegOJn7D6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7ea5bed5cd0437d7-FRA
alt-svc
h3=":443"; ma=86400
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 64CA 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3201
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCofd0h%2Fqlk%2FFtmzokyAifALs0YB3k5%2B5fCbtLWmYYhpeeIYU1cziST1BySayZHqHTCzrI8tcYBLEBSmrrfQ8uteUOy%2FppCj5ERk%2BxSFS2VWEIWYqEunRcBY%2BLsFyRJXTez2Nh9aI3MNpVod7zQq8%2F3%2B"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7ea5bed63ea16946-FRA
expires
Fri, 21 Jul 2023 19:17:20 GMT
frame.html
ad4m.at/ Frame D941 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1035965
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7ea5bed5eaea1e30-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 21 Jul 2023 19:10:41 GMT
expires
Sun, 09 Jul 2023 00:24:59 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wQS0e7E%2F0EHLjNJqijtmMnvzaLAFiPl6AgkJxBs9VpnxQcgWbVPWKI8Rt7%2FtVdr%2FSODIOsnrCecxiWHxoGJ5t9ZLGdVDwWX%2FTRPLWlRbaO7B5hV6EzV5garRv3TP1NpwphvZ24%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
tran.png
contextual.media.net/__media__/pics/800015191/ Frame CC7B 		129 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/__media__/pics/800015191/tran.png
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e8b1012f16a7c0a81edf99671c9b9070b5a43cd55eb64d4f9ab8ca6a025647c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 24 Jan 2020 09:58:01 GMT
server
Apache
content-type
image/png
cache-control
max-age=232633
accept-ranges
bytes
content-length
129
expires
Mon, 24 Jul 2023 11:47:54 GMT
truncated
/ Frame CC7B 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CC7B 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
SourceSansPro-Regular.woff
contextual.media.net/__media__/fonts/SourceSansPro-Regular/ Frame CC7B 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/SourceSansPro-Regular/SourceSansPro-Regular.woff
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a47eb231c8cb97b60cc5d21d9fcdcf9f8132ecf3a18f3c039b0e938e4d75c5e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://blog.paleohacks.com/
Origin
https://blog.paleohacks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
30012
expires
Sat, 22 Jul 2023 19:10:41 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ea5bed65ff26983-FRA
content-length
24
content-type
text/plain
date
Fri, 21 Jul 2023 19:10:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0SstMuOwwDUhUZ9SxwMoLA1ftQ6W9Z0uPyebCcJwL7fXIC60auXeam1knXlj9p7hjOka3kcnBtFA%2Fv74VWWP4%2B2FfaCiKRvYNoZUrdTRRMJXBsLk198zXXEdEWFHOH6mD2seAk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-x91n
rs
ad4m.at/ Frame 64CA 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17d9ce1c35e5b33820bbf311fa3c73d6d986430b6d676d6c07f820a7f46e7b03

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lw7Saem1Zl%2Fq1HU8Fg4o15BezZddZo5ht7s21k1qBmltGMCDwItJLYO%2B3he%2FG%2FdBXerYRAdOvGjc8n%2FvnwSE7898CvonEV59241TizKc2WeEo2FH2ZWCcU96aV901Znst4Stu3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7ea5bed6a85f6983-FRA
x-backend-server
aa-reachservice-group-europe-west1-x91n
alt-svc
h3=":443"; ma=86400
bql.php
lg3.media.net/ Frame CC7B 		15 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=3813&&vgd_canary=0&vgd_l2type=scs_newfl&fp=apuRvDLAtBkB00__Cmkal3KFrsnGCYd4VsEPJ59Tez9hVFartwcuf5zx_3i7Af9Ah46EVPKyga_HTyUbLX_kMhVngWnIoo-WoboZhanKRbuBTtYJZ7d5crtQbe1YS5nwXtmEaN4yjJxiOm924366-Q%3D%3D&cme=fRSYK7JejNWtqwM-dvOsfTEfzaMPRVSQRdi4inpDEpDPNJBXhZ6pGkrO1FkWZ0qU9ejxcB3JYIi8Ak4NyCPgAyNhqam2GtSlCc-GQgI0Piz9eYlpVcZdsPlujVn_33WbT7UEgOhuYdk5FBJSp7QyE_2Dfxzo0gzyMOcLaaxwEgfzh6nPS4i9ldHjsyC9Uog7Fmq37iKEpT7Layxdq1BdOrZlk-Vk_6ZeaYd2eWGzOSJCVweyGj1wpG3CWMv3acsycyHIDFIRfAXlvKbgNObZPk_iubN9Av3W%7C%7Ce3Msn32YK88sFQx7GDfu1IqzMcz5jfVUNjMVo4q-V2DjOIqbFqXZn-g0SNN6OVybtwB2XObTLdvPzHO_WP-xCXjxx4D8axyavHGcm9K4l7bccb9pozYCmi3wagz43iilXtu5L-QPyWq_7i31x5fBvp5yNPcFUFdfJq91nloq3dGU89EK3JKNh5Lv6_nxt9-uBeFhxkgBRTczAoR8McjtII6bU0klTWYxz--96VTX5D2xe70LGyliuR307Ca86qujEnTue6yp-he6ZUbs62WI1gYHIKi_FZIj%7CKOA2tkfoPlCxJ92iUGwOAH8oJ5iM_MxvQktYTFi3_1TvliOzofAAOhNiVmc1qiD3%7CMzXcxtghpPMTC14AlJ5XMEJ-sQzcQki5MKIbrBSaL2wrhEb6xkogxqLksUX5gHw4ldvUs5WKCJ069tE_0lpTwDCnUEfq8HVslIvHFkASOsE%3D%7C&ksu=224&fdkt=307&vgde_kbbh=ffoyxQJuO&kwd[]=Strawberry+Banana+Smoothie+Recipe&kwt[]=307&kbc[]=25617&kwp[]=1&kid[]=27253459&kbc2[]=0%7Cactr%3D0.653%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cbkt%3D307%7Cps%3D1.104&ktd[]=3573446541568&kwd[]=Yogurt+Smoothie+Recipes&kwt[]=307&kbc[]=25617&kwp[]=2&kid[]=31467472&kbc2[]=0%7Cactr%3D0.304%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cbkt%3D307%7Cps%3D1.104&ktd[]=3573446541568&kwd[]=5+Healthy+Breakfast+Smoothies&kwt[]=307&kbc[]=25617&kwp[]=3&kid[]=350863813&kbc2[]=0%7Cactr%3D0.439%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cbkt%3D307%7Cps%3D1.104&ktd[]=3573429764352&kwd[]=Healthy+Yogurt+Smoothies&kwt[]=307&kbc[]=25617&kwp[]=4&kid[]=321279354&kbc2[]=0%7Cactr%3D0.206%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cbkt%3D307%7Cps%3D1.104&ktd[]=3573446541568&kwd[]=Peach+Smoothie+Recipe&kwt[]=307&kbc[]=25617&kwp[]=5&kid[]=211433388&kbc2[]=0%7Cactr%3D1.016%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cbkt%3D307%7Cps%3D1.104&ktd[]=3573446541568&v=1&gdpr=1&geo=50.12%7C8.75&dlper=25&lper=100&lpid=&tsid=1&hint=&cc=DE&wsip=170774545&bca=0&ugd=4&vgde_setid=Nff&cid=8CUG3G308&vi=1689966640579178213&vsid=DefVid&tdAdd[]=asnum%3D28753&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=1000&vgd_implt=3&vgd_cage=2&vgd_tsce=L201-S201&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_kals=lmid%3DvBase%7C%7Cttd%3D2&vgd_kalog=MPTD%3D384%7C%7CTPTD%3D150457034889890899460%7C%7CMI%3D3277%7C%7CCI%3D3276%7C%7CSI%3D3276%7C%7CSID%3D8%7C%7CTLID%3D6%7C%7CUUID%3D2IakW73Idp4isFfXil%7C%7CHID%3D0&vgd_katbid=-2&vgd_kasts=tstype%3D-10401%7C%7Cgbid%3D-2&vgd_pdtid=1&vgd_nrrv=73529&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&pid=8PO52G640&sttm=1689966641287&upk=1689966641.26367&hvsid=00001689966641287006245729282985&verid=3121199&vgd_l1rakh=1689966640173920333&vgd_isiolc=1&abpl=2&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D28753&vgd_mcf=27625&vgd_vstrid=DefVid&vgd_icat=53&vgd_spcat=500998&vgd_cfud=220405&vgd_scsver=148&vgd_optout=0&vgd_l2shld=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fdmedianet.js&vgd_lbt=1000&vgd_btm=%7B%22SPAMPXL%22%3A%221%22%2C%22URLDC%22%3A%221%22%7D&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A302%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001689966641287006245729282985&rc=0&rand=1689966641594&matm=1689966641594&requrl=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&vgd_x_pos=1062&vgd_y_pos=377&vgd_ren_page_h=22191&vgd_ltimesrc=2&vgd_ltime=373&vgd_rtime=322&vgd_etm=6&vgd_l1hcsd=Ot83w%7C4814&vgd_l1ch=1&vgd_lhl=1245&vgd_pgid=p11782874764t202307211910&vgd_sbSup=0&vgd_nrrs=73529&vgd_cdv=1021&vgd_cntrdt=AS%7CDIV-726657258%7CDIV-paleo-492797654&vgd_eadm=1&vgd_end=1
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Fri, 21 Jul 2023 19:10:41 GMT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Fri, 21 Jul 2023 19:10:41 GMT
/
www.facebook.com/tr/ Frame 001F 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://blog.paleohacks.com
Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://blog.paleohacks.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:41 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
adview
securepubads.g.doubleclick.net/pagead/ Frame 80F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CB59uMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSHAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsR_hJVj71sVKxdt0P6C4J92ZkXQOw6spLOfdYqAEUZBB3ByAPA1A4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTE0NDM4OTY1Nzc4NTU2NRiwmBU&sigh=PBdtfC_yVMY&uach_m=[UACH]&cid=CAQSOwBpAlJWCoRWYjd_bhqoKuYygXQl8oa2WRf3n3_IXbivuRxQOCRyVjbUXEFtG4heCSrm_Jgk-NgoUYLxGAE&cbvp=2&vis=1
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 80F5 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kagy4r04874r0kxsvca1gf5c3r89nyyfjkdkgfw1k2re1rja91wmn2385nafdbt470ntre0d3s4xgk1sgtbk98dja6w0gt54pr528gkb54fkbyenwbjv1enpe33hrjz330js28dz6y8wsxeczamwqxm9028d5vy4czbjfrhsn1eaxv5g4zs7xf7b2d637kykttcreqq98g3zv5tg4a00rwnmm1f4tm2aqvswg3ca4x1xdjseh7xtzx6r7ba9j16nf96rev5f8pd0c8qbq97g0b12e8sms44gmr0bjtncr421mfw5r4wm280fe5xgbvh931thftt3hbcrk8nrb1fnbf67kgj2gj2674mjv0k2zneyczzpab01z530wcg66w62w527h0fphv748r&b=ZLrYMQADU_UK4DkLAAaT-XYgEsk6hEOeLUEvgw&cbvp=2
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 21 Jul 2023 19:10:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
rar
as.ad4m.at/ad/ Frame 6EC5 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=392ec81b69420783db767c07ffdbfebe%2F6022338115397866070&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1689966641726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxdwfq6h178364rk071zyp7ws379rd1v8nnfq78tk99c0pcvf4bvvm489xk7fbnt3vb1fxcajeya0y1z603h9f840jfwrgapajrh6j8v68gs3rc1fz1z42p394dhm9atsc9rvksqf7rjt8hp4t92ppjpb90aqh0yhrjav2xtv8rdk0fq1791vy93e0sbws61dpc620czktqbbtn04kq03rvmvrfpjg7a91wzv7ptfyge8ynmeh1jdymwdg5edrw78nwc8b9mvegd7jp99jxagm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d683f1add45261e881bb076ee7a1f05830af435954033bfb80e24686b73085
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1httgmjmr6vqywqsb2v6k0bmdxgphhbveewss28mr1bhsr8tj0kapj9bmegjmqpf7vrd2a0wjrsbakrhkefz7n1a6ctc8p76sb0fxx0nc154m3kyawvh0y3k2x8ck0eqzdpvtfr525pnr99f29yjxjyhbttmznb0brfhbjv5gweam1zapq8w4a9v76nc1fp37gx8capsyz6zg9zrab6as1sa2b4nxs59q8g380ehz0hw19cnq5bb7f72ghhn95s0eqxg8k289fx4fe01acj5at1nt725j0mrwmbm5w9gemxg25vev0813j4vv0tndyhcrvqzpqcdxwjeaq1ck73eczewhy9ftfrb6ccc8bvhtf14n37dvdhj5603f5fqhj0vw3k74vwxr1146mt69bwe4ypxj2w9qx5r7sphndf2efwjzb5p32q0001w9zbkhdnf3hb7s2pa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%26client%3Dca-pub-5144389657785565%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ea5bed71d521e30-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:41 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 6EC5 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=392ec81b69420783db767c07ffdbfebe%2F6022338115397866070&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1689966641726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxdwfq6h178364rk071zyp7ws379rd1v8nnfq78tk99c0pcvf4bvvm489xk7fbnt3vb1fxcajeya0y1z603h9f840jfwrgapajrh6j8v68gs3rc1fz1z42p394dhm9atsc9rvksqf7rjt8hp4t92ppjpb90aqh0yhrjav2xtv8rdk0fq1791vy93e0sbws61dpc620czktqbbtn04kq03rvmvrfpjg7a91wzv7ptfyge8ynmeh1jdymwdg5edrw78nwc8b9mvegd7jp99jxagm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=392ec81b69420783db767c07ffdbfebe%2F6022338115397866070&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1689966641726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxdwfq6h178364rk071zyp7ws379rd1v8nnfq78tk99c0pcvf4bvvm489xk7fbnt3vb1fxcajeya0y1z603h9f840jfwrgapajrh6j8v68gs3rc1fz1z42p394dhm9atsc9rvksqf7rjt8hp4t92ppjpb90aqh0yhrjav2xtv8rdk0fq1791vy93e0sbws61dpc620czktqbbtn04kq03rvmvrfpjg7a91wzv7ptfyge8ynmeh1jdymwdg5edrw78nwc8b9mvegd7jp99jxagm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
806254
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfJv6N7BoWXK0UFl%2FcqlqpfrS8%2FIF2ad53u9SGxeLXfGl%2FVGtPR0nEMvctGuJ659TB8QX9vI4tQp%2FPOxKDspPPacQZNB4kGIeYu%2FI1h3%2Bf4cqw1ofWn8BSFiMa5WgkLIHh9vVz%2BA1oE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ea5bed75dc61e30-FRA
expires
Fri, 21 Jul 2023 20:10:41 GMT
C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 6EC5 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=392ec81b69420783db767c07ffdbfebe%2F6022338115397866070&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1689966641726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxdwfq6h178364rk071zyp7ws379rd1v8nnfq78tk99c0pcvf4bvvm489xk7fbnt3vb1fxcajeya0y1z603h9f840jfwrgapajrh6j8v68gs3rc1fz1z42p394dhm9atsc9rvksqf7rjt8hp4t92ppjpb90aqh0yhrjav2xtv8rdk0fq1791vy93e0sbws61dpc620czktqbbtn04kq03rvmvrfpjg7a91wzv7ptfyge8ynmeh1jdymwdg5edrw78nwc8b9mvegd7jp99jxagm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
604455
cf-polished
origFmt=png, origSize=10283
alt-svc
h3=":443"; ma=86400
content-length
4736
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 12:21:02 GMT
server
cloudflare
etag
"b90d04a587c2a1ab6749e51d8bb195d1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxcHmH32Q6NE10asXIPlwdvNlpEqwaEcbqKNKRvfJ0vtu8V3pu6k9mhlp6G3vSvc32IeYJFu7yompO%2Btq0TCD%2Fu%2BDnkh6%2FstIlE6lPeVjXmLifuBEGe4di3WfL1FTja5jk39%2FyIbW%2BaUlUmJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bed76f9391e4-FRA
expires
Sat, 22 Jul 2023 19:10:41 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 6EC5 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=392ec81b69420783db767c07ffdbfebe%2F6022338115397866070&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1689966641726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxdwfq6h178364rk071zyp7ws379rd1v8nnfq78tk99c0pcvf4bvvm489xk7fbnt3vb1fxcajeya0y1z603h9f840jfwrgapajrh6j8v68gs3rc1fz1z42p394dhm9atsc9rvksqf7rjt8hp4t92ppjpb90aqh0yhrjav2xtv8rdk0fq1791vy93e0sbws61dpc620czktqbbtn04kq03rvmvrfpjg7a91wzv7ptfyge8ynmeh1jdymwdg5edrw78nwc8b9mvegd7jp99jxagm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2381596
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400
content-length
55786
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GB5q%2BaDu2yRy7jY6tphQ60WP2fMwlozKX1EUnpmeDuBBaNV5JIR4scza4QqUynlOogWJs7Mfr5I5yyINCNtjltfP1fwL7xWjExO%2B6%2BqKQ8JMC%2BE%2FP%2FdqT3dLtVNCwItNvLKBBH2mnxHtsgsO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bed76f9491e4-FRA
expires
Sat, 22 Jul 2023 19:10:41 GMT
link.html
track.webgains.com/ Frame 6EC5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kf8vdbb6bg8dqenn1ezaqs94fbgw7y86sk61thnyz821t0xe22ea1tztekm15msre58ezpedrbe8rj7kzgfk78hrfzbhkw4spnyyn91bxj10ww44nc44fppgymh3r876ae4hfmkvmmvqhypp226hb92r2sykzenmmkjjzqpjrsry8ah6jgq8tqt43vceazpxa2zf0kdcpaw8brwpd4wmycq65hjew8kr05d52d95qwf6m9dn2rq8tdnmg2e4qaf26w0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxdwfq6h178364rk071zyp7ws379rd1v8nnfq78tk99c0pcvf4bvvm489xk7fbnt3vb1fxcajeya0y1z603h9f840jfwrgapajrh6j8v68gs3rc1fz1z42p394dhm9atsc9rvksqf7rjt8hp4t92ppjpb90aqh0yhrjav2xtv8rdk0fq1791vy93e0sbws61dpc620czktqbbtn04kq03rvmvrfpjg7a91wzv7ptfyge8ynmeh1jdymwdg5edrw78nwc8b9mvegd7jp99jxagm4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=392ec81b69420783db767c07ffdbfebe%2F6022338115397866070&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1689966641726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxdwfq6h178364rk071zyp7ws379rd1v8nnfq78tk99c0pcvf4bvvm489xk7fbnt3vb1fxcajeya0y1z603h9f840jfwrgapajrh6j8v68gs3rc1fz1z42p394dhm9atsc9rvksqf7rjt8hp4t92ppjpb90aqh0yhrjav2xtv8rdk0fq1791vy93e0sbws61dpc620czktqbbtn04kq03rvmvrfpjg7a91wzv7ptfyge8ynmeh1jdymwdg5edrw78nwc8b9mvegd7jp99jxagm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.113.28 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-113-28.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
18e68f82c8bb97595ed34c4a03b66a68007bfebe86c702c6939299eebac01446

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
last-modified
Fri, 21 Jul 2023 19:10:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 21 Jul 2023 19:11:41 GMT
pvClk.min.js
analytics.webgains.io/ Frame 6EC5 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kf8vdbb6bg8dqenn1ezaqs94fbgw7y86sk61thnyz821t0xe22ea1tztekm15msre58ezpedrbe8rj7kzgfk78hrfzbhkw4spnyyn91bxj10ww44nc44fppgymh3r876ae4hfmkvmmvqhypp226hb92r2sykzenmmkjjzqpjrsry8ah6jgq8tqt43vceazpxa2zf0kdcpaw8brwpd4wmycq65hjew8kr05d52d95qwf6m9dn2rq8tdnmg2e4qaf26w0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxdwfq6h178364rk071zyp7ws379rd1v8nnfq78tk99c0pcvf4bvvm489xk7fbnt3vb1fxcajeya0y1z603h9f840jfwrgapajrh6j8v68gs3rc1fz1z42p394dhm9atsc9rvksqf7rjt8hp4t92ppjpb90aqh0yhrjav2xtv8rdk0fq1791vy93e0sbws61dpc620czktqbbtn04kq03rvmvrfpjg7a91wzv7ptfyge8ynmeh1jdymwdg5edrw78nwc8b9mvegd7jp99jxagm4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 11:11:27 GMT
content-encoding
gzip
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
28756
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
v7it6J4Ohqhv5cQMpv5kaVTZEdO9z_3Vq_vp_JwGfNms8IDZOPld5g==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 6EC5 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1689966942&Signature=IEYJvmFqxwPsNBcQeU8dpLPX5nC0~oVLwGzDTKL9tccB48awy4ShrqqQiyxgayoPafXIKW4G66Tp8eT~uqVBzXzaXPimnjYpAY1j241CTaQF0Os~euQ~COr9XQW-CIPDfETxDaErbAMvBoUDMlND2srKioVxUc6GwboeCHGBf3rAoay39Vl3kkzVOKwQPAmFccbQtvNmD1T6Ga2SCTAMRksMwy4p3CEWn9A5NXLDOrKm~R5iy9r9TCWtlBWTSs7tqOiB7K8lEwahgszYjIkjbnGr8HadekP7g9AR8COQtkBoky8LeYbBLXOZAjiDeOX83y3DCRRf1Gv3mLKMvduF4Q__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=392ec81b69420783db767c07ffdbfebe%2F6022338115397866070&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1689966641726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxdwfq6h178364rk071zyp7ws379rd1v8nnfq78tk99c0pcvf4bvvm489xk7fbnt3vb1fxcajeya0y1z603h9f840jfwrgapajrh6j8v68gs3rc1fz1z42p394dhm9atsc9rvksqf7rjt8hp4t92ppjpb90aqh0yhrjav2xtv8rdk0fq1791vy93e0sbws61dpc620czktqbbtn04kq03rvmvrfpjg7a91wzv7ptfyge8ynmeh1jdymwdg5edrw78nwc8b9mvegd7jp99jxagm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.26.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-26-110.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 20 Jul 2023 20:51:34 GMT
via
1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
80349
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
5ykWSrQFU_NsvZ1ZgJBsvpcSeiFQdJmPU4iS8_WsCN-J_-TRvqC5Sw==
unified-tag.js
cdn.attn.tv/tag/4-latest/ 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/paleohacks/dtag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:b000:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb146db6ebd66b29cbeafeb55af7564efb760cc48331528d813f1a138fec4224

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
BZnJov3r5JGZ4lImsjBrefikPNX1bzER
content-encoding
gzip
via
1.1 5bab9b28b9df8c7c6cb942e5654e9558.cloudfront.net (CloudFront)
date
Fri, 21 Jul 2023 19:06:47 GMT
x-amz-cf-pop
TXL50-P2
age
243
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 21 Jul 2023 18:50:24 GMT
server
AmazonS3
etag
W/"417c390a77500bfc8f56c98c964183e1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
x-amz-cf-id
tn6Al00tH_OvAJHIV7ZHH5nT2Cqyu1f8dU0qnkONdRnhETA-eDq3Xw==
admin-ajax.php
blog.paleohacks.com/wp-admin/ 		16 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-admin/admin-ajax.php
Requested by
Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.23
Resource Hash
16154b9f51ea5424301cac6740a8ce906699e9f0330334034c56f054b50beb29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-powered-by
PHP/7.3.23
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/json; charset: utf-8
access-control-allow-origin
https://blog.paleohacks.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
7ea5bed9ab871c7f-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
admin-ajax.php
blog.paleohacks.com/wp-admin/ 		2 KB
838 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-admin/admin-ajax.php?action=display_popular_articles&_=1689966640827
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.23
Resource Hash
611bde69387dbefbc603066ec9bd8beee4521fcd38c66fa600b1319f3092c883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.3.23
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
x-robots-tag
noindex
cf-ray
7ea5bed9aba21c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
/
blog.paleohacks.com/protein-smoothies/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.23
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.3.23
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
max-age=0
cf-ray
7ea5bed9bba51c7f-FRA
link
<https://blog.paleohacks.com/wp-json/>; rel="https://api.w.org/", <https://blog.paleohacks.com/wp-json/wp/v2/posts/80585>; rel="alternate"; type="application/json", <https://blog.paleohacks.com/?p=80585>; rel=shortlink
alt-svc
h3=":443"; ma=86400
expires
Fri, 21 Jul 2023 19:10:42 GMT
Hind-Regular.woff2
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/hind/ 		93 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/hind/Hind-Regular.woff2
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5891185bbadfceb49591b012abeeea967dca978a653930a6ca23863d9a3f4c92

Request headers

Referer
https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.12
Origin
https://blog.paleohacks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Jun 2021 13:05:01 GMT
server
cloudflare
age
1155574
vary
Accept-Encoding,User-Agent
cache-control
max-age=2592000
cf-ray
7ea5bed9bba61c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 07 Aug 2023 10:11:08 GMT
Montserrat-SemiBold.woff2
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/montserrat/ 		79 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/montserrat/Montserrat-SemiBold.woff2
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a6d3380cf89ad6b678478ccb347dc3ddeadcf7ca344bfc842424aaf7bfd025

Request headers

Referer
https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.12
Origin
https://blog.paleohacks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Jun 2021 13:05:01 GMT
server
cloudflare
age
2003449
vary
Accept-Encoding,User-Agent
cache-control
max-age=2592000
cf-ray
7ea5bed9bba91c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 28 Jul 2023 14:39:53 GMT
feedback.php
www.facebook.com/plugins/ Frame D476
Redirect Chain
  • https://www.facebook.com/v4.0/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Db...
  • https://www.facebook.com/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.p...
  • https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.p...
300 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3be4881e421d35fd2bb75609aea48703
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3a5b74f9c9e61d876201c7cbed656b4e0eb1b21b952cc0a54d785a199c7abd6
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Fri, 21 Jul 2023 19:10:42 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
kmynbPBQfIKe35W8ighWH+8zPuYlkqExrkaUiMeM//VjhbZe2SPJK16GafnJDXTOoJJEV7rBmb+b0qGhfOCr1w==
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 21 Jul 2023 19:10:42 GMT
location
https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
origin-agent-cluster
?0
priority
u=0,i
strict-transport-security
max-age=15552000; preload
x-fb-debug
t9LgF8/dkBprlibcH6SbpGZPGxST4HsdsC31HiQWbrLKjEIBLUor5YEORQvwPBrThO41O0kG9JdOWFcvlCKk2w==
like.php
www.facebook.com/v4.0/plugins/ Frame 6B0F 		36 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb641f43ffe4c8%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3be4881e421d35fd2bb75609aea48703
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6163a1793a31054c8e0614925b6056ea48982bcbc2fefaf1b3830668005d473a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:42 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
78oEVCWhLytWJfPPx2/BMGq3BlFEEaaFkQsc3FyJeeRAaa275bksn+TZDLqqBYJVTxoRxUyOU0L8/yHFg9SiTw==
x-xss-protection
0
/
paleohacks.lpages.co/leadbox/1434c2873f72a2%3A13300845e746dc/5697423099822080/ Frame 79F6 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paleohacks.lpages.co/leadbox/1434c2873f72a2%3A13300845e746dc/5697423099822080/?lp-in-iframe=1&mpcampaignid=10048221&__fromjs=1
Requested by
Host: paleohacks.lpages.co
URL: https://paleohacks.lpages.co/leadbox-1556322866.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87

Request headers

Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Fri, 21 Jul 2023 19:10:42 GMT
server
Leadpages
vary
Accept-Encoding
/
paleohacks.lpages.co/leadbox/1434c2873f72a2%3A13300845e746dc/5697423099822080/ Frame 0D5F 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paleohacks.lpages.co/leadbox/1434c2873f72a2%3A13300845e746dc/5697423099822080/?lp-in-iframe=1&mpcampaignid=10048221&__fromjs=1
Requested by
Host: paleohacks.lpages.co
URL: https://paleohacks.lpages.co/leadbox-1556322866.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87

Request headers

Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Fri, 21 Jul 2023 19:10:42 GMT
server
Leadpages
vary
Accept-Encoding
main.js
track.mypaleorecipe.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.mypaleorecipe.com/js/main.js?v=1.1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4983
cf-polished
origSize=4494
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 09 Nov 2021 03:31:21 GMT
server
cloudflare
etag
W/"118e-5d052be46686b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9cJj7ruw3%2Bu4hv5L3v2m0ByeuyCGQ%2B5ZQDrf5aJIPCk84ul9gJewZr2GynuYDdSfQTuNAoH4GAg1hnHqaAKvoqERtyEyDHTFvXcs7P9Hap7MXpLGsHefHp0Aj1WjG1gE66C7NQacOCL%2BvwjCzjdqEIqjzdP6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7ea5bed9ed19bbad-FRA
/
paleohacks.attn.tv/d/ 		5 B
257 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://paleohacks.attn.tv/d/?attn_vid=09fc05f232004f9084a2136c7f08f3ea
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/json
access-control-allow-origin
*
x-envoy-upstream-service-time
4
cf-ray
7ea5beda587c39d9-FRA
alt-svc
h3=":443"; ma=86400
e
events.attentivemobile.com/ 		0
160 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.attentivemobile.com/e?v=4.24.3_c15668c873&pd=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&u=09fc05f232004f9084a2136c7f08f3ea&c=paleohacks&ceid=UsU&lt=1689966642243&tag=modern&cs=1447345895&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1689966642247
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/plain;charset=UTF-8
x-envoy-upstream-service-time
1
cf-ray
7ea5beda5bf11c15-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
paleohacks.attn.tv.js
cdn.attn.tv/growth-tag-assets/client-configs/ 		0
384 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.attn.tv/growth-tag-assets/client-configs/paleohacks.attn.tv.js
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:b000:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via
1.1 5bab9b28b9df8c7c6cb942e5654e9558.cloudfront.net (CloudFront)
date
Fri, 21 Jul 2023 06:36:06 GMT
last-modified
Mon, 17 Dec 2018 20:59:49 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P2
age
45282
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
VDG1FlVBvQdvP06ymSvz78RL1i-Tug1OCHP84R0mq1U9qROUy8fQbw==
createVisitor
track.mypaleorecipe.com/api/ 		9 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.mypaleorecipe.com/api/createVisitor
Requested by
Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
8b9f639109e4af53e07c008d35c38374fa01b28a452272c04b5995658c86ddde

Request headers

Accept
*/*
Referer
https://blog.paleohacks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.33
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfkDT1MpT8KXsIqocU9weCYhRKclWw5aYAui9ZNMUdT5V9KyaHMtfew%2FQ9edxIvLxc0%2BQ4I4MDFqv6wmp%2BzXd%2F4CjA9M5C1m8Sua%2BZRbffZYHCACpskipIcwTIJdMHkqosydOExHJZnlOjnZhT2Ld7GWwRZUlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, max-age=0, no-cache
cf-ray
7ea5beda3f879b43-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 6B0F 		299 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb641f43ffe4c8%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-debug
P0xOMeTfYDmrzOIQSg9usNRUYT+98GS2B2Ryfex9hLYHGPfVR/oNDFgI1hHJMta3UGxZVRsE9BqBUBLe+qPzkQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 19 Jul 2024 06:38:38 GMT
LVbUFwfoGjA.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yB/l/en_US/ Frame 6B0F 		518 KB
134 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yB/l/en_US/LVbUFwfoGjA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb641f43ffe4c8%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8242fc13955acde235e23608039f811597f59b7c25f3ee5e846570db044d67cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
DZU9OiWzvlfN+sdoSsim3A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136736
x-fb-debug
+xcIlzDUe0T5jEwnfxp3cREdYpZyF9/H8AMX5cH/HQtua9wMQrC3JRCZkQjdV5+cW031Kan7qju3MKgyzbMEfA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1,i
expires
Wed, 17 Jul 2024 00:49:57 GMT
LVbUFwfoGjA.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yB/l/en_US/ Frame 6B0F 		518 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yB/l/en_US/LVbUFwfoGjA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb641f43ffe4c8%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8242fc13955acde235e23608039f811597f59b7c25f3ee5e846570db044d67cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
DZU9OiWzvlfN+sdoSsim3A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136736
x-fb-debug
Oi0/fUXhUic9GwuLuoJHb3ICNqIjYJHtQ4gqBlR2TQSUu+VA0JsS1LgA/R2SULuqREqaj+7CZWA2RI4jf5wbgg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 20 Jul 2024 01:53:10 GMT
/
log.pinterest.com/ 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=45dHEGEi9Bm4&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&viaSrc=canonical
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 21 Jul 2023 19:10:42 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
11
x-pinterest-rid
4185042209489221
content-length
0
x-served-by
cache-fra-eddf8230052-FRA
pragma
no-cache
server
envoy
x-timer
S1689966643.510261,VS0,VE36
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
Mk94vMMnE0_.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ Frame D476 		721 B
530 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/Mk94vMMnE0_.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8PXgZwd+47LIQZAIO7K6FA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
393
x-fb-debug
mzI0oVLuVX4te2xJ9bmly4JWVIQQDD+HNaorA0vV6vIltNQo9+ZpfQPu5uZOCHUSpbtIkIssLcnCG5uMpazkaA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=0
expires
Thu, 11 Jul 2024 16:50:51 GMT
_qHCM0GC8i1.css
static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/ Frame D476 		122 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/_qHCM0GC8i1.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6c75b0d6862aafea13a1ad7f4779ea4f47a058be8aed60c15cf32dacea3e3acd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
tm6JBE8h8l6bBfgsWgb4iA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19947
x-fb-debug
RF5Om1QUxvKe2zAO0xG82EEeesavMwqwA7xt5R33CWnLjGQrEwIG1gfLKVkgRr073yG7dKo38Ghu5Ep+KWQ1KQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=0
expires
Thu, 11 Jul 2024 21:01:07 GMT
1t_e1hNxdjZ.js
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame D476 		307 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/1t_e1hNxdjZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8a132bc5849b9036742f0a8ef191d221138fe9882475f1b6ed5cde8642693edd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dWRLdqvSGfRhinHI5vL32A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
83410
x-fb-debug
rL9FpNWMFjUWDy6p1kzZeg9xKiLH7iOhGfF5Rgf8+QuTHUz3jtpEzAUHhHi0TZxds47qef9XQ74+PkZL8dwY9w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Tue, 16 Jul 2024 23:48:21 GMT
PcJyFRF97KA.js
static.xx.fbcdn.net/rsrc.php/v3i7M54/yP/l/en_US/ Frame D476 		154 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yP/l/en_US/PcJyFRF97KA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
67969d49ae2921f7ba587394b0db1f2dbb99fe3a26159cbaca48d46fe06898c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
F9lsow3v/rLwA/oWP7lPog==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
44239
x-fb-debug
Bxy7+73f2Rrd/xjBbUFniIGvECsofCHKY84eTWlCaiUkq8hJfdgRaSan1Qt236XiibzAw6kN7VYMWW2/RuMklQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Fri, 12 Jul 2024 23:48:54 GMT
jeHb6BADhx9.js
static.xx.fbcdn.net/rsrc.php/v3iFip4/y6/l/en_US/ Frame D476 		1 MB
279 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iFip4/y6/l/en_US/jeHb6BADhx9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e17b3f5ca80e9c4c692d471f9537168654b266dbdfcb28e015f93e21b61486df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mSwYoSMzxm+aVmFFa7q7AQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
285903
x-fb-debug
1jozAjVhlijBQNbOr1YKkpGgvjQ/cGF16R81p7gEsSdkE1RbE6JFZk2abYAYCXSAGi5sYWaDwUup7LBKQ5z5GA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
1
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Sat, 20 Jul 2024 16:27:46 GMT
_iRAJ9MEXXb.js
static.xx.fbcdn.net/rsrc.php/v3/yg/r/ Frame D476 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/r/_iRAJ9MEXXb.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
48f3299c5ea607670cf4fa7b23590e53b86370c98a93939c07196793d7b899c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/sRY64jfmzQiYf6c0mXCLw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1053
x-fb-debug
bENN33guzyDZ0H2i7IjJRyKoMMvl2mb9PyliEI+tDw7FNewu3ChepevUzztlA/wyzRt+O68G2l5fppLxBYOnGQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Sat, 20 Jul 2024 16:27:29 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame D476 		507 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-debug
yReOBetRYk/RedfFSS4HU5PDgM7YTWhLbSr1EJaTnYHPSd/uCjWxg39GNFDmNWPokehk75DDnX1/oXj6/99KJQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Sat, 20 Jul 2024 05:16:25 GMT
ONSaGuuMQLO.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame D476 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/ONSaGuuMQLO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f398c6f250a4b7c3751acc2297e4b29bc311c1db88f540c8fe032aa89ece7ff3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b5LsNWRz5JRuAq4DiK9WLw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9328
x-fb-debug
SqK9dw/36SYsGbnGbJVcYEWYDnuEQ+LlAwOAXAo3eR14NC8ZkHN2ZiWBMPgQlCmUJhkHrRMEoAPJUeSeYRO9Zw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Thu, 11 Jul 2024 18:01:41 GMT
A26OeqL15Mp.js
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame D476 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/A26OeqL15Mp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d6cddb0acb8765d10d69cd416b80ae7c8a9cb35333f4569c4aac932c2e396ea9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hAHu/efVQlxvbPr8YcLnNg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16011
x-fb-debug
ObMj0HAVA4IGyE4QUrsmBwVxCk8McxlIHBdQ4Vr3nFWyTFT38v7ClIbya9SvtggnMsNJShcyBvdjgMcTgPL2zg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Sun, 14 Jul 2024 00:10:19 GMT
zHnCwistHtb.js
static.xx.fbcdn.net/rsrc.php/v3iPwL4/yc/l/en_US/ Frame D476 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iPwL4/yc/l/en_US/zHnCwistHtb.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4cb75f5dca2%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Fff3734a6720518%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
75e79ffb3d2ce5c30bf5b2041576c11a95489d425b683786666f7c0ecb6bf521
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
eVUH2dDXxxw7URwLJJoRnQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13191
x-fb-debug
LhblSbbEIHzR4Yc9pYhrtfdYjGSKzoOjNvnH/ExYmwJl6FmccTGakH1ubqERJFaq7gFaXqLDckeTyJ5Mr5mR+g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Thu, 18 Jul 2024 18:29:36 GMT
bqi.php
lg3.media.net/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=1930&lf=3&&vgd_tsce=L201&vgd_l2type=scs_newfl&pid=8PO52G640&vgd_cdv=1021&vgd_cage=1&kalog=MPTD=384||TPTD=150457034889890899460||MI=3277||CI=3276||SI=3276||SID=8||TLID=6||UUID=2IakW73Idp4isFfXil||HID=0&katen=1&pc=100&katbid=-2&kals=lmid=vBase||ttd=2&kata=at2&kasts=tstype=-10401||gbid=-2&cme=fRSYK7JejNWtqwM-dvOsfTEfzaMPRVSQRdi4inpDEpDPNJBXhZ6pGkrO1FkWZ0qU9ejxcB3JYIi8Ak4NyCPgAyNhqam2GtSlCc-GQgI0Piz9eYlpVcZdsPlujVn_33WbT7UEgOhuYdk5FBJSp7QyE_2Dfxzo0gzyMOcLaaxwEgfzh6nPS4i9ldHjsyC9Uog7Fmq37iKEpT7Layxdq1BdOrZlk-Vk_6ZeaYd2eWGzOSJCVweyGj1wpG3CWMv3acsycyHIDFIRfAXlvKbgNObZPk_iubN9Av3W||e3Msn32YK88sFQx7GDfu1IqzMcz5jfVUNjMVo4q-V2DjOIqbFqXZn-g0SNN6OVybtwB2XObTLdvPzHO_WP-xCXjxx4D8axyavHGcm9K4l7bccb9pozYCmi3wagz43iilXtu5L-QPyWq_7i31x5fBvp5yNPcFUFdfJq91nloq3dGU89EK3JKNh5Lv6_nxt9-uBeFhxkgBRTczAoR8McjtII6bU0klTWYxz--96VTX5D2xe70LGyliuR307Ca86qujEnTue6yp-he6ZUbs62WI1gYHIKi_FZIj|KOA2tkfoPlCxJ92iUGwOAH8oJ5iM_MxvQktYTFi3_1TvliOzofAAOhNiVmc1qiD3|MzXcxtghpPMTC14AlJ5XMEJ-sQzcQki5MKIbrBSaL2wrhEb6xkogxqLksUX5gHw4ldvUs5WKCJ069tE_0lpTwDCnUEfq8HVslIvHFkASOsE=|&fp=apuRvDLAtBkB00__Cmkal3KFrsnGCYd4VsEPJ59Tez9hVFartwcuf5zx_3i7Af9Ah46EVPKyga_HTyUbLX_kMhVngWnIoo-WoboZhanKRbuBTtYJZ7d5crtQbe1YS5nwXtmEaN4yjJxiOm924366-Q==&vgd_x_pos=1062&vgd_y_pos=377&vgd_rensize=302_250&vgd_ren_page_h=22228&vgd_lbt=1000&vgd_btm={%22SPAMPXL%22:%221%22,%22URLDC%22:%221%22}&gdpr=1&mspa=0&prid=8PRHGG6T9&cid=8CUG3G308&crid=726657258&requrl=https://blog.paleohacks.com/protein-smoothies/mpcampaignid=10048221&vi=1689966640579178213&ugd=4&cc=DE&sc=HE&startTime=1689966641279&l1ch=1&l1hcsd=l1!Ot83w|4814&sttm=1689966641287&upk=1689966641.26367&hvsid=00001689966641287006245729282985&verid=3121199&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1689966640173920333&vgd_sc=HE&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p11782874764t202307211910&vgd_pgids=1
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Fri, 21 Jul 2023 19:10:42 GMT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Fri, 21 Jul 2023 19:10:42 GMT
css2
fonts.googleapis.com/ Frame 0D5F 		9 KB
835 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
Requested by
Host: paleohacks.lpages.co
URL: https://paleohacks.lpages.co/leadbox/1434c2873f72a2%3A13300845e746dc/5697423099822080/?lp-in-iframe=1&mpcampaignid=10048221&__fromjs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a63284d0b07236a49f89dd197f9aa2ea595e314e750b5d42834fbda2f7cba411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paleohacks.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Jul 2023 18:48:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Jul 2023 19:10:42 GMT
/
api.ipify.org/ 		21 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.185.227.156 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-227-156.static.webnx.com
Software
nginx/1.25.1 /
Resource Hash
e7e7431b9cf4e5b9b4c1c03a02f12677a1ff48e92af634fb2bf0fa9d6d2d6f67

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://blog.paleohacks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Jul 2023 19:10:43 GMT
Server
nginx/1.25.1
Connection
keep-alive
Content-Length
21
Vary
Origin
Content-Type
application/json
css2
fonts.googleapis.com/ Frame 79F6 		9 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
Requested by
Host: paleohacks.lpages.co
URL: https://paleohacks.lpages.co/leadbox/1434c2873f72a2%3A13300845e746dc/5697423099822080/?lp-in-iframe=1&mpcampaignid=10048221&__fromjs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a63284d0b07236a49f89dd197f9aa2ea595e314e750b5d42834fbda2f7cba411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paleohacks.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Jul 2023 19:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Jul 2023 18:43:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Jul 2023 19:10:42 GMT
unrenderedCreative
paleohacks.attn.tv/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://paleohacks.attn.tv/unrenderedCreative?v=4.24.3&r=&id=09fc05f232004f9084a2136c7f08f3ea&pv=1&l=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&w=1600&h=1200&ss_ref=ORGANIC&m=marketing&m=live-sms&m=backInStock&f=2
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://blog.paleohacks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
22
cf-ray
7ea5bede5e6039d9-FRA
alt-svc
h3=":443"; ma=86400
tracking-event
api.webgains.io/ Frame 6EC5 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.66.180 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-66-180.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.66.180 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-66-180.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 21 Jul 2023 19:10:43 GMT
server
nginx
createActivityLog
track.mypaleorecipe.com/api/ 		8 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.mypaleorecipe.com/api/createActivityLog?visitor_id=155746179&activity_type_id=1&fbp=fb.1.1689966641185.7796007&fbc=undefined&ga=GA1.2.1509868738.1689966641&client_ip_address=37.58.58.246&client_user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/115.0.5790.102%20Safari/537.36&full_url=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&utm_source=0&utm_medium=0&utm_campaign=0&utm_content=0&utm_term=0
Requested by
Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
c5d2b24e68b8ac27727ae26248865936f2d2d8179fc7e90bbc1ee99ae5aab725

Request headers

Accept
*/*
Referer
https://blog.paleohacks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.33
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2s%2BqOdQkCxF8s2ATX5DNYDeynltl04pQzepC8oyLzgscnvT1PLuBxr9y%2FmcArMeGafB%2B1RMxs4KmWv2zNttb3d1UVq7nThomll3HP6RKxYyoX2ZOaP%2F5ATGX5tpVKVF7MyfbNA%2BZW4IzzywvgCHvl397WiCdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, max-age=0, no-cache
cf-ray
7ea5bedffe209b43-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
admin-ajax.php
blog.paleohacks.com/wp-admin/ 		1 KB
932 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.paleohacks.com/wp-admin/admin-ajax.php?action=show_optin_async&post_id=80585&_=1689966641563
Requested by
Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.23
Resource Hash
bd833e56774c4e58549c8e1f8bbb5e325443444010b44e061dce257da15f4518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.3.23
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
x-robots-tag
noindex
cf-ray
7ea5bedffc951c7f-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
bottles-with-red-yellow-green-and-blue-liquids-e1464759531540.jpg
blog.paleohacks.com/wp-content/uploads/2016/05/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2016/05/bottles-with-red-yellow-green-and-blue-liquids-e1464759531540.jpg
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bf18c595a16d5650676f61967d5956c41f9371aaca301e1297bb5e99cf7c90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:43 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Nov 2019 17:46:36 GMT
server
cloudflare
etag
"5dc6fb7c-575c"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bee09d8c1c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
22364
expires
Sun, 20 Aug 2023 19:10:43 GMT
createUrlParam
track.mypaleorecipe.com/api/ 		8 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.mypaleorecipe.com/api/createUrlParam?url_param_key=mpcampaignid&url_param_value=10048221&activity_id=27413085
Requested by
Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
b4e827ad72023944815099096a25ccb9e11d197d1354269ee28bff1396dcf462

Request headers

Accept
*/*
Referer
https://blog.paleohacks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.33
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwPjoPZ2Sd2gqBcGnGV%2FmU4X3%2Bso8DUZ94DonHjZ%2BeF4LUEBvmGNRkWY88ThCl22%2Ffu5jP9DAAjhIlkpdBl8dTcJJs0jpBaSPFJ25lPlUYF22tWrDv9ERzLFdooWlZgkN%2BxgN2VUvRRQGmxRS6e7Up4mX%2BdcRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, max-age=0, no-cache
cf-ray
7ea5bee12f6e9b43-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/uploads/415/904/33/881/775/653.js?ver=2.12.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0464715c4c43f82ddcc164d56fba69897559251056a05b34b0e7daff43222ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27580
x-xss-protection
0
server
cafe
etag
943 / 19559 / m202307180101 / config-hash: 3532551707473895787
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 21 Jul 2023 19:10:43 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		169 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1445756710213098&correlator=2279871784299014&eid=31072019%2C31075029%2C44797786&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fifs&iu_parts=55892584%2Cdesktopfooter%2Cph_widebanner%2Csitefooterbanner%2CPaleohacksSidebarBanner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C970x250%7C728x90%2C970x250%7C728x90%2C300x250%7C300x600&ifi=3&adks=2912191614%2C3129430941%2C2355259855%2C698452367&sfv=1-0-40&sc=1&cookie=ID%3D5e31b3aa8e0a61a9%3AT%3D1689966641%3ART%3D1689966641%3AS%3DALNI_MZKnnmKN3BnHMRwTnwqnbZioeJAEQ&gpic=UID%3D00000c426ed18a24%3AT%3D1689966641%3ART%3D1689966641%3AS%3DALNI_MZg3PY6I9PPaKYXcAN8ZjIOcNhlgg&abxe=1&dt=1689966643600&lmt=1689966643&dlt=1689966640319&idt=809&adxs=0%2C315%2C315%2C1062&adys=1110%2C341%2C22678%2C2959&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C2%7C3&ucis=3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fblog.paleohacks.com%2Fprotein-smoothies%2F%3Fmpcampaignid%3D10048221&frm=20&vis=1&psz=728x-1%7C1600x0%7C1600x0%7C302x0&msz=728x-1%7C1600x0%7C1600x0%7C302x0&fws=516%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=1509868738.1689966641&ga_sid=1689966641&ga_hid=829265085&ga_fc=true&ga_cid=906201907.1689966641
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f6ba0d520ab45e29a96c755045d991b68d40ca504a926ad2c3831bc262730ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31153
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://blog.paleohacks.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 02DE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:41 GMT
expires
Sat, 20 Jul 2024 19:10:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B0F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:41 GMT
expires
Sat, 20 Jul 2024 19:10:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F34D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:41 GMT
expires
Sat, 20 Jul 2024 19:10:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CC02 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:41 GMT
expires
Sat, 20 Jul 2024 19:10:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dr
as.ad4m.at/ad/ Frame A1CB 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jfzq3n978rqhz86vaq04bv946wt4kakznvhrfj58mxfwnqdzw8pcbxecn68ajbh1khfaszv6zwbebj4jew7699gp0spr63z3fmty5zxsy8qejv45aar81wd8e1mt65vfxg7zwephjh8qjc54c8z2dk1eat7yshnxp1n8f0xdjnzjynh952cwpbe0ehq8m0qj7gh0mfrs682ev1vjt1zz4sxmdzzcr5d3fdr6wfzxea36fxzaj9djtqzvkkdf4kt59wj1bj5k39p5gm9gsk29whw3pxy779wg8nkr6597c9wj2qw7nvh4ke3x7zqxgbpeqwq23y0er17qccv7t3aq94g477qbgwfw4xhg5z453xk02tck7m0ka5qp2rkym990ewna1mf74yf623pf5my8dh1e4q5tserbjyn5z52tgm1saq3fd80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%26client%3Dca-pub-5144389657785565%26adurl%3D
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6be18654cc2ff528e1eb057baf3b8bd6567d9fe66696ed385b14e2e85c6176b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ea5bee46d8d1e30-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:43 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 02DE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 13:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
19997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Aug 2023 13:37:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 59D0 		1 KB
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19424
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 13:46:59 GMT
etag
48472445140208031
expires
Sat, 22 Jul 2023 13:46:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 02DE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 17:23:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
6416
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8309
x-xss-protection
0
server
cafe
etag
1379281626718990200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Aug 2023 17:23:47 GMT
l
www.google.com/ads/measurement/ Frame 02DE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3WWxxqnO0UQUlF10KfvtNqea5ilEaQSTqrlI1sCaRWaGy1_n2irzQNnGlfW64LdUpwhWB3fNIabVSLbmOO2Pfq0Fugg
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 02DE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 13:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
21371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jul 2024 13:14:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 02DE 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Jul 2023 19:10:43 GMT
dr
as.ad4m.at/ad/ Frame E019 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1ke5scfjqadcvm9g58s9zas2wddcprec5tzrcawqmvp9wt53jf6axed26mw81d11791vbe09nyapc93qgcdwsctk5dac8gc37h4qjaj0yjpfdrv7qam84s41akw7dmqk2d1pbkybn79w6apzx224cc7m6ba6ykwbxes8v9d9fdzs9gjpqcqyw41xed6ht0bhvgcdvecpw6hh7jxgnre7b6j1jjwygyjmav857tn26ey7wzejddy0yeydrx993ea7wec75w9e2y6ta9a1txp6z386mwf3kmpgcs1qy8avs8evh18nhn1w9ta8yb8r037vszqahza4r5m8cstjmx55k9a4gdbjt1rp28qrkfgc4ssq534qvm0qfd07hrqnkpwf90swg4w2grg2v86mdgbd9kmzqys6mw54068x8yrmxj3m4y65&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%26client%3Dca-pub-5144389657785565%26adurl%3D
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6939232b8f1f5b30506a90ba69d1c7f7c2ab6018a59290367eb8437d98458d6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ea5bee47db01e30-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:43 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 3342 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 13:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
19997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Aug 2023 13:37:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2428 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19424
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 13:46:59 GMT
etag
48472445140208031
expires
Sat, 22 Jul 2023 13:46:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 3342 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 17:23:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
6416
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8309
x-xss-protection
0
server
cafe
etag
1379281626718990200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Aug 2023 17:23:47 GMT
l
www.google.com/ads/measurement/ Frame 3342 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqa7Hnw5ytx9mIv-jpEp2IYNSyE1Ay2U25GeGr017k8GzuNIS2hKa8qJI_jkt_UT4I5DKS6EKn8eLZ1T4sCsjSz_wTRA
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3342 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 13:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
21371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jul 2024 13:14:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3342 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Jul 2023 19:10:43 GMT
dr
as.ad4m.at/ad/ Frame 1504 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hnb3jc6p52zbbncd6w6rjf9k1870qedcjh22p1j70jzxfc17xw82x9ad2adyss98f125h2b4pjp4yvmx60y0dpqwgpsbxabbzcb1xs0nbvr3w8k7ebtag5nsr9mecqxpvx8c2am39f5fza9d41d98fd8299kprm3nn4ysa0c98awpen24w5cw6excry7gbyv0vjx3w3q4bjpgmza02zd1tkwpygks6pprn1669s1yzdegm4p2kdc21722t8c7p4d6732gsfpwgrcf0s61nzsz3k44v01f1w5sv0c76nesxgqyjn4q84qae9pcn91g0x9v3tv1mpep2ek7v79jawx4dqn0pgyyvs6kma9s9zc48d8xd0g502x833dc4w9gq2t2z862cd0wmnybcnzc8gj8ydwzrw7rdf693exrxf474cs85eryjhx15726aymajh4gzkd605k4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%26client%3Dca-pub-5144389657785565%26adurl%3D
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86078e67acfc24254302385d284700cda5dc5542c2408596cc718ecccfcb3e05
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ea5bee48dbc1e30-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:43 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame F34D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 13:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
19997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Aug 2023 13:37:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 466A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19424
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 13:46:59 GMT
etag
48472445140208031
expires
Sat, 22 Jul 2023 13:46:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame F34D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 17:23:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
6416
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8309
x-xss-protection
0
server
cafe
etag
1379281626718990200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Aug 2023 17:23:47 GMT
l
www.google.com/ads/measurement/ Frame F34D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQcC-AJ-PrprlbCybEQT8blJ6DYANf_f_fOCBzwfKvc2dvEEakTBNlfct97biTvBPwa4FSW2rfz_LK6Y_WYhS-N7sjwg
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F34D 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 13:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
21371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jul 2024 13:14:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F34D 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Jul 2023 19:10:43 GMT
dr
as.ad4m.at/ad/ Frame 5FA0 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kn6tt5qnee1w41yyj2y27wx8yqfecjvn0h5cs1a83b425temq8tpq399qr0vsr979xy7zzf5ajpxmw2s01x2z502f90j2ffahhexkhf3t0at797ben0b9xhyx3n3skfbj8t2keaw7q5ffqx57btkfznssjxt4mgk6amfcnymf2knwsy5hz4jc9epbv5r0nehhs4m6s8ckphgbptk9ed3hdvgytap10mqxa79av3vxysys03hjpvhtbacjs83h3qwjybhanca0etswy4zs8knbjavp0rrwzwtdsnvg20hfcb4kspt9hb100awyap91tcc1p4rb41ry604n5gns90qwv3sbks1srnnrdz9rvgg2xwng7k0pqddn237eg6s0m8sgf2dr3m4v5bdpstafnfn7a14zacjf4dj21waannen6va12k&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%26client%3Dca-pub-5144389657785565%26adurl%3D
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c23308a250ea3ca6ae0b6f730051226aec859ee4ac86d98c1a90ca1b6b0408dc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ea5bee49dde1e30-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:43 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame E0CE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 13:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
19997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Aug 2023 13:37:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3B7C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19424
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 13:46:59 GMT
etag
48472445140208031
expires
Sat, 22 Jul 2023 13:46:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame E0CE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 17:23:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
6416
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8309
x-xss-protection
0
server
cafe
etag
1379281626718990200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 04 Aug 2023 17:23:47 GMT
l
www.google.com/ads/measurement/ Frame E0CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYhl4oGuoJEqbPaivUqe-_CvKwft1t4COSsSUmlGZB-O3xVx7Z1TB77W3wtIRhQohrAjif0KdowXehvXz934EGaKmF5w
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E0CE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 13:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
21371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jul 2024 13:14:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E0CE 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Jul 2023 19:10:43 GMT
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame A1CB 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jfzq3n978rqhz86vaq04bv946wt4kakznvhrfj58mxfwnqdzw8pcbxecn68ajbh1khfaszv6zwbebj4jew7699gp0spr63z3fmty5zxsy8qejv45aar81wd8e1mt65vfxg7zwephjh8qjc54c8z2dk1eat7yshnxp1n8f0xdjnzjynh952cwpbe0ehq8m0qj7gh0mfrs682ev1vjt1zz4sxmdzzcr5d3fdr6wfzxea36fxzaj9djtqzvkkdf4kt59wj1bj5k39p5gm9gsk29whw3pxy779wg8nkr6597c9wj2qw7nvh4ke3x7zqxgbpeqwq23y0er17qccv7t3aq94g477qbgwfw4xhg5z453xk02tck7m0ka5qp2rkym990ewna1mf74yf623pf5my8dh1e4q5tserbjyn5z52tgm1saq3fd80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jfzq3n978rqhz86vaq04bv946wt4kakznvhrfj58mxfwnqdzw8pcbxecn68ajbh1khfaszv6zwbebj4jew7699gp0spr63z3fmty5zxsy8qejv45aar81wd8e1mt65vfxg7zwephjh8qjc54c8z2dk1eat7yshnxp1n8f0xdjnzjynh952cwpbe0ehq8m0qj7gh0mfrs682ev1vjt1zz4sxmdzzcr5d3fdr6wfzxea36fxzaj9djtqzvkkdf4kt59wj1bj5k39p5gm9gsk29whw3pxy779wg8nkr6597c9wj2qw7nvh4ke3x7zqxgbpeqwq23y0er17qccv7t3aq94g477qbgwfw4xhg5z453xk02tck7m0ka5qp2rkym990ewna1mf74yf623pf5my8dh1e4q5tserbjyn5z52tgm1saq3fd80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%26client%3Dca-pub-5144389657785565%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
806256
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dI9J5vykYJLp6ylqaUGh524wTINFh5jlGaxHPRZx2zPSD7u2ddaxBkOLMUXdqTz%2FMTa1x%2BwKyrHSWFTizCzUAS02d%2BpBpDieJ%2Bpz2kTZuykcgvhzJOvrXht27dyswQl6QWsCl3dive0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ea5bee4adff1e30-FRA
expires
Fri, 21 Jul 2023 20:10:43 GMT
r62eglto.js
ad4m.at/ Frame A1CB 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jfzq3n978rqhz86vaq04bv946wt4kakznvhrfj58mxfwnqdzw8pcbxecn68ajbh1khfaszv6zwbebj4jew7699gp0spr63z3fmty5zxsy8qejv45aar81wd8e1mt65vfxg7zwephjh8qjc54c8z2dk1eat7yshnxp1n8f0xdjnzjynh952cwpbe0ehq8m0qj7gh0mfrs682ev1vjt1zz4sxmdzzcr5d3fdr6wfzxea36fxzaj9djtqzvkkdf4kt59wj1bj5k39p5gm9gsk29whw3pxy779wg8nkr6597c9wj2qw7nvh4ke3x7zqxgbpeqwq23y0er17qccv7t3aq94g477qbgwfw4xhg5z453xk02tck7m0ka5qp2rkym990ewna1mf74yf623pf5my8dh1e4q5tserbjyn5z52tgm1saq3fd80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
268820
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9%2BjwejBy7jqLusS7bA5HrINzUml2Rki6pn4i53yA6pASCEGhG5cibIpfyByPlklCKXz5DVtFA0mcS2Q%2BTxz2JuM3QXviV1bMFJ8X89hmOjg%2B4SysUJOKzZMqQ4jJRmoVzRkeHU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7ea5bee4ae001e30-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 18 Jul 2023 16:30:13 GMT
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame E019 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ke5scfjqadcvm9g58s9zas2wddcprec5tzrcawqmvp9wt53jf6axed26mw81d11791vbe09nyapc93qgcdwsctk5dac8gc37h4qjaj0yjpfdrv7qam84s41akw7dmqk2d1pbkybn79w6apzx224cc7m6ba6ykwbxes8v9d9fdzs9gjpqcqyw41xed6ht0bhvgcdvecpw6hh7jxgnre7b6j1jjwygyjmav857tn26ey7wzejddy0yeydrx993ea7wec75w9e2y6ta9a1txp6z386mwf3kmpgcs1qy8avs8evh18nhn1w9ta8yb8r037vszqahza4r5m8cstjmx55k9a4gdbjt1rp28qrkfgc4ssq534qvm0qfd07hrqnkpwf90swg4w2grg2v86mdgbd9kmzqys6mw54068x8yrmxj3m4y65&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1ke5scfjqadcvm9g58s9zas2wddcprec5tzrcawqmvp9wt53jf6axed26mw81d11791vbe09nyapc93qgcdwsctk5dac8gc37h4qjaj0yjpfdrv7qam84s41akw7dmqk2d1pbkybn79w6apzx224cc7m6ba6ykwbxes8v9d9fdzs9gjpqcqyw41xed6ht0bhvgcdvecpw6hh7jxgnre7b6j1jjwygyjmav857tn26ey7wzejddy0yeydrx993ea7wec75w9e2y6ta9a1txp6z386mwf3kmpgcs1qy8avs8evh18nhn1w9ta8yb8r037vszqahza4r5m8cstjmx55k9a4gdbjt1rp28qrkfgc4ssq534qvm0qfd07hrqnkpwf90swg4w2grg2v86mdgbd9kmzqys6mw54068x8yrmxj3m4y65&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%26client%3Dca-pub-5144389657785565%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
806256
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGT1WivlZyltoEsfljuWc13E0cp8vjVId%2BufbCTzPd%2FFiKIgQhcYBP%2FXqmXqYoy3HjujVMOIWz7gdgiEkZgf8qHM6ZlzqfLG5VqSOZKU7bHaKamxT%2Fsk721xusmBCMCbmr0pJr%2B%2F0g4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ea5bee4ce1d1e30-FRA
expires
Fri, 21 Jul 2023 20:10:43 GMT
r62eglto.js
ad4m.at/ Frame E019 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ke5scfjqadcvm9g58s9zas2wddcprec5tzrcawqmvp9wt53jf6axed26mw81d11791vbe09nyapc93qgcdwsctk5dac8gc37h4qjaj0yjpfdrv7qam84s41akw7dmqk2d1pbkybn79w6apzx224cc7m6ba6ykwbxes8v9d9fdzs9gjpqcqyw41xed6ht0bhvgcdvecpw6hh7jxgnre7b6j1jjwygyjmav857tn26ey7wzejddy0yeydrx993ea7wec75w9e2y6ta9a1txp6z386mwf3kmpgcs1qy8avs8evh18nhn1w9ta8yb8r037vszqahza4r5m8cstjmx55k9a4gdbjt1rp28qrkfgc4ssq534qvm0qfd07hrqnkpwf90swg4w2grg2v86mdgbd9kmzqys6mw54068x8yrmxj3m4y65&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
268820
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UBKZ%2BgNbHXC5VNnvLd8Je8dIEhdWK%2BRMoVqA3fVGFrtPgmCG4MpptqKX1gHYx3ThTa8NyZsS0nk7rh7tP9F1GsMaY2q0a4s64EJ25i69sU9U4o9MSAdotTYnFNqqRWJCHTKkEE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7ea5bee4ce1f1e30-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 18 Jul 2023 16:30:13 GMT
dpixel
cms.quantserve.com/ Frame 59D0 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAum9ZfhFi6iTn0Rba1an5E&google_cver=1&google_push=AaAOQGHCV10YBSrFK1-1Hp74deo_Vau8ZK_l3Cfp-X_DlmLZ4aUs5AI7IDDyW0QUuZqEoGKqeykEoTWYd7pP8cCiTkr6BrcdcKeC0y8
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 59D0 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFFb1M1uC26DIJXbVwQI9Vs&google_cver=1&google_push=AaAOQGE9v--nja8-B6Y-ScpMtfZLoEISNYwqe_6SfQPkbCdxP9tsycWXN9n0qfr9UuQfVmQLFiKCvhgxFtLHsUOkFfiBn1voS6iUtlY
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 59D0
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELwki-cOh_Saef214yyFVs0&google_cver=1&google_push=AaAOQGG2gXs-PDJaO2X55v-nAFzaLFZg6QNhWHtYiUDowCGNCCbATsRzuKYGRLtWs3tjvB-16UKMcfjV4Xi...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGG2gXs-PDJaO2X55v-nAFzaLFZg6QNhWHtYiUDowCGNCCbATsRzuKYGRLtWs3tjvB-16UKMcfjV4XiWYjd3BRAVDvGc6gP9UA&google_hm=D4FT3DIWRwqEdP5RlE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGG2gXs-PDJaO2X55v-nAFzaLFZg6QNhWHtYiUDowCGNCCbATsRzuKYGRLtWs3tjvB-16UKMcfjV4XiWYjd3BRAVDvGc6gP9UA&google_hm=D4FT3DIWRwqEdP5RlEjIV_Y
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:43 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGG2gXs-PDJaO2X55v-nAFzaLFZg6QNhWHtYiUDowCGNCCbATsRzuKYGRLtWs3tjvB-16UKMcfjV4XiWYjd3BRAVDvGc6gP9UA&google_hm=D4FT3DIWRwqEdP5RlEjIV_Y
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 59D0 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAEIg-eCEurZ33Gv2A_hZbY&google_cver=1&google_push=AaAOQGGNCQuYe0-1OJFkqTLqqg7zYRiEsH5C2hyF8EazWQ-knDxJ2EPyIho9MTthGiVtNJHkEr9GHvB5d9ER9vNwQaGXlQu_p6Oen0Y
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 59D0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJVwuBimno7-lTiBzNXOOOw&google_cver=1&google_push=AaAOQGEAtJo2Gm9GKvUi618zBpg0OfIbMA7_Ee6rrLtqIV4EOQoyU6AzK8A3bZT6xmGdCMsR12wF9XzHIdYJhlQ6Zwz_...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJVwuBimno7-lTiBzNXOOOw&google_cver=1&google_push=AaAOQGEAtJo2Gm9GKvUi618zBpg0OfIbMA7_Ee6rrLtqIV4EOQoyU6AzK8A3bZT6xmGdCMsR12wF9XzHIdYJhl...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEAtJo2Gm9GKvUi618zBpg0OfIbMA7_Ee6rrLtqIV4EOQoyU6AzK8A3bZT6xmGdCMsR12wF9XzHIdYJhlQ6Zwz_amy0Dr1bKGM&google_hm=SOkvKWE6Q_2WkPAVALPJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEAtJo2Gm9GKvUi618zBpg0OfIbMA7_Ee6rrLtqIV4EOQoyU6AzK8A3bZT6xmGdCMsR12wF9XzHIdYJhlQ6Zwz_amy0Dr1bKGM&google_hm=SOkvKWE6Q_2WkPAVALPJvg==
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGEAtJo2Gm9GKvUi618zBpg0OfIbMA7_Ee6rrLtqIV4EOQoyU6AzK8A3bZT6xmGdCMsR12wF9XzHIdYJhlQ6Zwz_amy0Dr1bKGM&google_hm=SOkvKWE6Q_2WkPAVALPJvg==
date
Fri, 21 Jul 2023 19:10:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 59D0
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPMn_ATS2WQEtSghU-b34ug&google_cver=1&google_push=AaAOQGEoz4Q-vUTFBMp6x827gOYkCLBwh4FtIAeJYHHiKSqai7nrz4ACIhV7w2_9UIY51jJ2Xk7HmN1ctBNROW39hWI5Zq7...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEoz4Q-vUTFBMp6x827gOYkCLBwh4FtIAeJYHHiKSqai7nrz4ACIhV7w2_9UIY51jJ2Xk7HmN1ctBNROW39hWI5Zq7ET3-08ik&google_hm=eS1tX1hzQjhaRTJwR01...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEoz4Q-vUTFBMp6x827gOYkCLBwh4FtIAeJYHHiKSqai7nrz4ACIhV7w2_9UIY51jJ2Xk7HmN1ctBNROW39hWI5Zq7ET3-08ik&google_hm=eS1tX1hzQjhaRTJwR01PZUNrOExqNmE5V25XQTQwckdLMn5B
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 21 Jul 2023 19:10:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEoz4Q-vUTFBMp6x827gOYkCLBwh4FtIAeJYHHiKSqai7nrz4ACIhV7w2_9UIY51jJ2Xk7HmN1ctBNROW39hWI5Zq7ET3-08ik&google_hm=eS1tX1hzQjhaRTJwR01PZUNrOExqNmE5V25XQTQwckdLMn5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 59D0 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3D%25%25GOOGLE_PUSH%25%25&google_gid=CAESEDnupx557On4XtS7ejSDEp4&google_cver=1&google_push=AaAOQGE0Jb6PgmcXRx10_blUxZsrkyH_22ZHpke0hbTV_IFBADNhu7_1iRM49c0-Lob6gFfIKor3BckNikyyb0cSHGWkothRxV_EgeA
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
177792
expires
Fri, 21 Jul 2023 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 59D0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JzDwAnHCTA5buc7gZGGPQw5mSZvEW4tsFs1sKyxytIYPksw01LdKmGVt99ON-Pq5PHnvR0
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 1504 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hnb3jc6p52zbbncd6w6rjf9k1870qedcjh22p1j70jzxfc17xw82x9ad2adyss98f125h2b4pjp4yvmx60y0dpqwgpsbxabbzcb1xs0nbvr3w8k7ebtag5nsr9mecqxpvx8c2am39f5fza9d41d98fd8299kprm3nn4ysa0c98awpen24w5cw6excry7gbyv0vjx3w3q4bjpgmza02zd1tkwpygks6pprn1669s1yzdegm4p2kdc21722t8c7p4d6732gsfpwgrcf0s61nzsz3k44v01f1w5sv0c76nesxgqyjn4q84qae9pcn91g0x9v3tv1mpep2ek7v79jawx4dqn0pgyyvs6kma9s9zc48d8xd0g502x833dc4w9gq2t2z862cd0wmnybcnzc8gj8ydwzrw7rdf693exrxf474cs85eryjhx15726aymajh4gzkd605k4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hnb3jc6p52zbbncd6w6rjf9k1870qedcjh22p1j70jzxfc17xw82x9ad2adyss98f125h2b4pjp4yvmx60y0dpqwgpsbxabbzcb1xs0nbvr3w8k7ebtag5nsr9mecqxpvx8c2am39f5fza9d41d98fd8299kprm3nn4ysa0c98awpen24w5cw6excry7gbyv0vjx3w3q4bjpgmza02zd1tkwpygks6pprn1669s1yzdegm4p2kdc21722t8c7p4d6732gsfpwgrcf0s61nzsz3k44v01f1w5sv0c76nesxgqyjn4q84qae9pcn91g0x9v3tv1mpep2ek7v79jawx4dqn0pgyyvs6kma9s9zc48d8xd0g502x833dc4w9gq2t2z862cd0wmnybcnzc8gj8ydwzrw7rdf693exrxf474cs85eryjhx15726aymajh4gzkd605k4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%26client%3Dca-pub-5144389657785565%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
806256
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4lxZglF2OtCB9PuR%2FioWmZqC9cqpmkPknCfcuBcyrgmy1AAYlDnFQfBPgft%2FGy8macpEm9vb509O%2B5wI%2Fhwz9%2FTEYwLnl3QhR9fAcKqVwjbbPfIltHY%2Bi8vBwTum1hlBd01zv1HC2Q%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ea5bee4de391e30-FRA
expires
Fri, 21 Jul 2023 20:10:43 GMT
r62eglto.js
ad4m.at/ Frame 1504 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hnb3jc6p52zbbncd6w6rjf9k1870qedcjh22p1j70jzxfc17xw82x9ad2adyss98f125h2b4pjp4yvmx60y0dpqwgpsbxabbzcb1xs0nbvr3w8k7ebtag5nsr9mecqxpvx8c2am39f5fza9d41d98fd8299kprm3nn4ysa0c98awpen24w5cw6excry7gbyv0vjx3w3q4bjpgmza02zd1tkwpygks6pprn1669s1yzdegm4p2kdc21722t8c7p4d6732gsfpwgrcf0s61nzsz3k44v01f1w5sv0c76nesxgqyjn4q84qae9pcn91g0x9v3tv1mpep2ek7v79jawx4dqn0pgyyvs6kma9s9zc48d8xd0g502x833dc4w9gq2t2z862cd0wmnybcnzc8gj8ydwzrw7rdf693exrxf474cs85eryjhx15726aymajh4gzkd605k4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
268820
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51TvkbqqKWNfHBrvNldaHtHPePtER9uv%2BsuRSUfOHmTtG8HaGY2h0prOWdmnadPgayPIoD6DoxaG5PBbAnsWZZo2vBW8E%2BENTQFvfF%2FDcTSHprTBPeTzWmYhdK1CFx3o97TX5uE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7ea5bee4de3b1e30-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 18 Jul 2023 16:30:13 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2428
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESED9ydCR3xVkuesM4-2VNe7s&google_cver=1&google_push=AaAOQGEhqo8xW2oFUNiRdSkwhEe-gls96kPnqzwKD1aGxoFQJ11P-d_ZzXq0hSx_EgtYutdA8Nb-oZqTjuIR8BOaLot60uEqvSQ32jM
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUyMjQ2Nzk3MDkxNDc5MDg3OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED9ydCR3xVkuesM4-2VNe7s&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED9ydCR3xVkuesM4-2VNe7s&google_cver=1
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Jul 2023 19:10:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED9ydCR3xVkuesM4-2VNe7s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2428
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMRL9vmWmlgbx6Ypwe-Hhsw&google_cver=1&google_push=AaAOQGFajMiFcAmshQxVdooCjNDgsLWHSsilvjJvXp56DtkQoKwfM-XGoYVmkIegdkRRehK5kaZ4gFaAf1CczEpm...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFajMiFcAmshQxVdooCjNDgsLWHSsilvjJvXp56DtkQoKwfM-XGoYVmkIegdkRRehK5kaZ4gFaAf1CczEpm-nhfZ5t_o3imLkw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFajMiFcAmshQxVdooCjNDgsLWHSsilvjJvXp56DtkQoKwfM-XGoYVmkIegdkRRehK5kaZ4gFaAf1CczEpm-nhfZ5t_o3imLkw
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 21 Jul 2023 19:10:44 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x29 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFajMiFcAmshQxVdooCjNDgsLWHSsilvjJvXp56DtkQoKwfM-XGoYVmkIegdkRRehK5kaZ4gFaAf1CczEpm-nhfZ5t_o3imLkw
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 21 Jul 2023 19:10:43 GMT
i.match
a.tribalfusion.com/ Frame 2428 		43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEDPvHCbhoQkEXnuupLWVtTE&google_cver=1&google_push=AaAOQGFIAjEHM13OFUJGOx-b8LTVn-DaPRpvhvEasvSDi-FH6M_Te7CQ2wEM4vqiHuqqGFJJqOAvH37McqFTnNFj5ztRoKyVBzu62ZQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFIAjEHM13OFUJGOx-b8LTVn-DaPRpvhvEasvSDi-FH6M_Te7CQ2wEM4vqiHuqqGFJJqOAvH37McqFTnNFj5ztRoKyVBzu62ZQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7ea5bee4d9c94dbd-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 2428 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFFb1M1uC26DIJXbVwQI9Vs&google_cver=1&google_push=AaAOQGGkU2XA2sSSGyYXGK4rNxxHLcr2TJiC2ahsbgJIdwc2cvoakJMNcOkkETYMmNtQk2zCY_jQ4yY4TV2lsinHzEFEafU4FwVVVlc
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2428
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPMn_ATS2WQEtSghU-b34ug&google_cver=1&google_push=AaAOQGHozCUPjh-f27Pr-X6oLuV99yjymctsmlMcpXEvUVhLJ8Uzm8gthFDa6qdFqC5j2xsjVAWpSWyj1kaKfJHhGzg65Wd...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHozCUPjh-f27Pr-X6oLuV99yjymctsmlMcpXEvUVhLJ8Uzm8gthFDa6qdFqC5j2xsjVAWpSWyj1kaKfJHhGzg65Wde71t8oxI&google_hm=eS1fODQ5SWRCRTJwRnU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHozCUPjh-f27Pr-X6oLuV99yjymctsmlMcpXEvUVhLJ8Uzm8gthFDa6qdFqC5j2xsjVAWpSWyj1kaKfJHhGzg65Wde71t8oxI&google_hm=eS1fODQ5SWRCRTJwRnU3d1lkejZpTGpOOXlQSkhUSWh6MH5B
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 21 Jul 2023 19:10:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHozCUPjh-f27Pr-X6oLuV99yjymctsmlMcpXEvUVhLJ8Uzm8gthFDa6qdFqC5j2xsjVAWpSWyj1kaKfJHhGzg65Wde71t8oxI&google_hm=eS1fODQ5SWRCRTJwRnU3d1lkejZpTGpOOXlQSkhUSWh6MH5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 2428 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3D%25%25GOOGLE_PUSH%25%25&google_gid=CAESEDnupx557On4XtS7ejSDEp4&google_cver=1&google_push=AaAOQGF4rAbCkXs_0PFCT9f4IKo8lSWkJa7epIVWWzyl1ky5eTHlrPuiuswE908dD2zukQBF2_HLfC91nezH27ilQA2bFfUbHY_-I2E
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
197840
expires
Fri, 21 Jul 2023 00:00:00 GMT
report
sync.teads.tv/um/ Frame 2428
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJVbs2cUk1su...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGGDTi8OCD3FXAO9JCAi4b2p5jlenYn9zEhc4h9hm-XB4-xshmwflYLGVGRPvX74qRdqPSIyxLr5LtYdeAFeSVvveHdCemiSMjs
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires
Fri, 21 Jul 2023 19:10:44 GMT
pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2428 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYced0YWefHHBwv_d8m5Jmx5UsZVGioDWBrnBZVstVZJfUzVShZesodpA9XzMkdCdfeLGtbg
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 466A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP97oh-_hphHypI-RKTH6vI&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkpBZUtmaDcxUW1Wd3Q1&google_gid=CAESEP97oh-_hphHypI-RKTH6vI&google_cver=1&google_push=AaAOQGHxDX1UspXyiEpxqJnKOCUVYd2LjlFkzRkLJHq0Ur_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkpBZUtmaDcxUW1Wd3Q1&google_gid=CAESEP97oh-_hphHypI-RKTH6vI&google_cver=1&google_push=AaAOQGHxDX1UspXyiEpxqJnKOCUVYd2LjlFkzRkLJHq0Ur_SMuql1GJ6nYrkxdlg6GGyyLVNkyOsnNqudfqElkUgcyhADA9rjZ_8xPI
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Jul 2023 19:10:43 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-039373edd24dbbb61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkpBZUtmaDcxUW1Wd3Q1&google_gid=CAESEP97oh-_hphHypI-RKTH6vI&google_cver=1&google_push=AaAOQGHxDX1UspXyiEpxqJnKOCUVYd2LjlFkzRkLJHq0Ur_SMuql1GJ6nYrkxdlg6GGyyLVNkyOsnNqudfqElkUgcyhADA9rjZ_8xPI
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 466A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGfrgrumsDs1KQyx808lbZw&google_cver=1&google_push=AaAOQGEcY4CzbkRYMPYn2wuovgu-qR3OQ_uMxHvulCVZPrqTWUYbMcibOZOn7Fv1vWbLjGNPYfcZnvJr5rCfP_ZxdVfQW8HCKzoKpGiO
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71BD05E10CB4F6CA1DE932D4CA8FDBA&google_push=AaAOQGEcY4CzbkRYMPYn2wuovgu-qR3OQ_uMxHvulCVZPrqTWUYbMcibOZOn7Fv1vWbLjGNPYfcZnvJr5rCfP_Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71BD05E10CB4F6CA1DE932D4CA8FDBA&google_push=AaAOQGEcY4CzbkRYMPYn2wuovgu-qR3OQ_uMxHvulCVZPrqTWUYbMcibOZOn7Fv1vWbLjGNPYfcZnvJr5rCfP_ZxdVfQW8HCKzoKpGiO
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 21 Jul 2023 19:10:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71BD05E10CB4F6CA1DE932D4CA8FDBA&google_push=AaAOQGEcY4CzbkRYMPYn2wuovgu-qR3OQ_uMxHvulCVZPrqTWUYbMcibOZOn7Fv1vWbLjGNPYfcZnvJr5rCfP_ZxdVfQW8HCKzoKpGiO
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 20 Jul 2023 19:10:44 GMT
pixel
cm.g.doubleclick.net/ Frame 466A
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELwki-cOh_Saef214yyFVs0&google_cver=1&google_push=AaAOQGErIVh4kubIwZtduStoTLLUSdcS9Hb8KYr61VdVafSV73A3OQsLAxTElwcIfUOLnZDFID_DaJuOPIN...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGErIVh4kubIwZtduStoTLLUSdcS9Hb8KYr61VdVafSV73A3OQsLAxTElwcIfUOLnZDFID_DaJuOPINPpKxm7qmQoOo8fvXTAsk&google_hm=iOC6-tTyRgK39Zfi5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGErIVh4kubIwZtduStoTLLUSdcS9Hb8KYr61VdVafSV73A3OQsLAxTElwcIfUOLnZDFID_DaJuOPINPpKxm7qmQoOo8fvXTAsk&google_hm=iOC6-tTyRgK39Zfi5JG_i_Y
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:43 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGErIVh4kubIwZtduStoTLLUSdcS9Hb8KYr61VdVafSV73A3OQsLAxTElwcIfUOLnZDFID_DaJuOPINPpKxm7qmQoOo8fvXTAsk&google_hm=iOC6-tTyRgK39Zfi5JG_i_Y
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 466A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECZrCINdIHXjSPdbvnvErLw&google_cver=1&google_push=AaAOQGHnh501nLl8pO2RyB1xTKgbjj55HH5hrHHQvA6q20_DTD1XBefSX8ECkMUbUWyVjrX7tpZgywnJklHpaD...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1ODM1MTQ1NDQ0MjIyMzc1OQ%3D%3D&google_push=AaAOQGHnh501nLl8pO2RyB1xTKgbjj55HH5hrHHQvA6q20_DTD1XBefSX8ECkMUbUWyVjrX7tpZgywnJklHpaDAGci...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1ODM1MTQ1NDQ0MjIyMzc1OQ%3D%3D&google_push=AaAOQGHnh501nLl8pO2RyB1xTKgbjj55HH5hrHHQvA6q20_DTD1XBefSX8ECkMUbUWyVjrX7tpZgywnJklHpaDAGciAXivbBnBb-r018
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1ODM1MTQ1NDQ0MjIyMzc1OQ%3D%3D&google_push=AaAOQGHnh501nLl8pO2RyB1xTKgbjj55HH5hrHHQvA6q20_DTD1XBefSX8ECkMUbUWyVjrX7tpZgywnJklHpaDAGciAXivbBnBb-r018
Date
Fri, 21 Jul 2023 19:10:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 466A
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECY1JcbEE93KPfgIV4v5mqg&google_cver=1&google_push=AaAOQGF_gXoWCUiBobWjj1RhMjBZ6a4jbg2aFWeOxoOvRzRQ5gGI32_ccF6RVAh_bhstqaRrMnJV6FuNVHkL2ka-...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UXb092lWSCaLrOJ6wpujKg2&google_push=AaAOQGF_gXoWCUiBobWjj1RhMjBZ6a4jbg2aFWeOxoOvRzRQ5gGI32_ccF6RVAh_bhstqaRrMnJV6FuNVHkL2ka-LzSZDIWXbAzmkhKP
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UXb092lWSCaLrOJ6wpujKg2&google_push=AaAOQGF_gXoWCUiBobWjj1RhMjBZ6a4jbg2aFWeOxoOvRzRQ5gGI32_ccF6RVAh_bhstqaRrMnJV6FuNVHkL2ka-LzSZDIWXbAzmkhKP
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 21 Jul 2023 19:10:44 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UXb092lWSCaLrOJ6wpujKg2&google_push=AaAOQGF_gXoWCUiBobWjj1RhMjBZ6a4jbg2aFWeOxoOvRzRQ5gGI32_ccF6RVAh_bhstqaRrMnJV6FuNVHkL2ka-LzSZDIWXbAzmkhKP
x-host
tde-deliveryengine-production-75c9d7b6d6-s99kp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 466A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPMn_ATS2WQEtSghU-b34ug&google_cver=1&google_push=AaAOQGFxcCPLaxRa8cfNgPOWu9OA2d9LG-CYFB6TPvNWXwuTej47HDB_ASdJ-oCFTyGSWqcpLVjz8b4YcstFy8gPpzlHMpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFxcCPLaxRa8cfNgPOWu9OA2d9LG-CYFB6TPvNWXwuTej47HDB_ASdJ-oCFTyGSWqcpLVjz8b4YcstFy8gPpzlHMpQlnGJke4UH&google_hm=eS1zNUh3LmJSRTJwSE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFxcCPLaxRa8cfNgPOWu9OA2d9LG-CYFB6TPvNWXwuTej47HDB_ASdJ-oCFTyGSWqcpLVjz8b4YcstFy8gPpzlHMpQlnGJke4UH&google_hm=eS1zNUh3LmJSRTJwSENuZS4wOC5semo5cVJVWHFEVmN0N35B
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 21 Jul 2023 19:10:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFxcCPLaxRa8cfNgPOWu9OA2d9LG-CYFB6TPvNWXwuTej47HDB_ASdJ-oCFTyGSWqcpLVjz8b4YcstFy8gPpzlHMpQlnGJke4UH&google_hm=eS1zNUh3LmJSRTJwSENuZS4wOC5semo5cVJVWHFEVmN0N35B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 466A 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3D%25%25GOOGLE_PUSH%25%25&google_gid=CAESEDnupx557On4XtS7ejSDEp4&google_cver=1&google_push=AaAOQGGoVD4yD3HtOp94nhuZ6qPjzi5QUdNxOBxjmezxoXNYrqp4DzZYJmVKRZRVAy-oEvuoSlRaKLiRjOdlsMiKuimGukkj3OZt8_o
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
198712
expires
Fri, 21 Jul 2023 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 466A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KrCz_IbvfI7Rmt0-ZzcEbAwGtzG80B7tG6mO4QCmyOgKQJih05zChsCxyvcWz_faDmb10n
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 5FA0 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kn6tt5qnee1w41yyj2y27wx8yqfecjvn0h5cs1a83b425temq8tpq399qr0vsr979xy7zzf5ajpxmw2s01x2z502f90j2ffahhexkhf3t0at797ben0b9xhyx3n3skfbj8t2keaw7q5ffqx57btkfznssjxt4mgk6amfcnymf2knwsy5hz4jc9epbv5r0nehhs4m6s8ckphgbptk9ed3hdvgytap10mqxa79av3vxysys03hjpvhtbacjs83h3qwjybhanca0etswy4zs8knbjavp0rrwzwtdsnvg20hfcb4kspt9hb100awyap91tcc1p4rb41ry604n5gns90qwv3sbks1srnnrdz9rvgg2xwng7k0pqddn237eg6s0m8sgf2dr3m4v5bdpstafnfn7a14zacjf4dj21waannen6va12k&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kn6tt5qnee1w41yyj2y27wx8yqfecjvn0h5cs1a83b425temq8tpq399qr0vsr979xy7zzf5ajpxmw2s01x2z502f90j2ffahhexkhf3t0at797ben0b9xhyx3n3skfbj8t2keaw7q5ffqx57btkfznssjxt4mgk6amfcnymf2knwsy5hz4jc9epbv5r0nehhs4m6s8ckphgbptk9ed3hdvgytap10mqxa79av3vxysys03hjpvhtbacjs83h3qwjybhanca0etswy4zs8knbjavp0rrwzwtdsnvg20hfcb4kspt9hb100awyap91tcc1p4rb41ry604n5gns90qwv3sbks1srnnrdz9rvgg2xwng7k0pqddn237eg6s0m8sgf2dr3m4v5bdpstafnfn7a14zacjf4dj21waannen6va12k&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%26client%3Dca-pub-5144389657785565%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
806257
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mp3CS5usqcSXiSrn52y19CAoc8kyv6oZiqnefDSW4dXfB%2BCd96UY7Z0QJjgwuiHyyaNK5369mKbirMZb6J%2Fmmri3HUYhUwaNcZtkRWHHLPuud4Ys8pvpjuzi7CaXCc51AQO9zZVPk4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ea5bee4fe631e30-FRA
expires
Fri, 21 Jul 2023 20:10:44 GMT
r62eglto.js
ad4m.at/ Frame 5FA0 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kn6tt5qnee1w41yyj2y27wx8yqfecjvn0h5cs1a83b425temq8tpq399qr0vsr979xy7zzf5ajpxmw2s01x2z502f90j2ffahhexkhf3t0at797ben0b9xhyx3n3skfbj8t2keaw7q5ffqx57btkfznssjxt4mgk6amfcnymf2knwsy5hz4jc9epbv5r0nehhs4m6s8ckphgbptk9ed3hdvgytap10mqxa79av3vxysys03hjpvhtbacjs83h3qwjybhanca0etswy4zs8knbjavp0rrwzwtdsnvg20hfcb4kspt9hb100awyap91tcc1p4rb41ry604n5gns90qwv3sbks1srnnrdz9rvgg2xwng7k0pqddn237eg6s0m8sgf2dr3m4v5bdpstafnfn7a14zacjf4dj21waannen6va12k&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
268820
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNiugwNIOGStb6p6VLlw9gD%2B3nAQsJZ54mYndePfO4bmyPvpH5odXuUxzrpQ0fmN5m2iJmaTE8ciZOest11DRZI%2BcRVX7v4Uo55gNc4PU5UgFn3IZBcQhCfc7c70WRjReQ%2FtSUA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7ea5bee4fe651e30-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 18 Jul 2023 16:30:13 GMT
truncated
/ Frame 3342 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
decc23d4d2b9e39764e53fef2d9a316c86a7835e6115f0c26c5e1c74e4e3cdfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E0CE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f33cbf9ef291c51db6380b4f948cec25eb7499b7381568b8c1c708dc9968278

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 02DE 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc3b9560801a452b77ea7c459117de4c65358d244fd160c6372cd08bf76b24b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 3B7C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIP7NqRrgekpsTsKJERQOtI&google_push=AaAOQGGaebP7VKvBeU4oWX-MpOG1PbwsBEV0LHtRrOtch8k3qB2iyHlBju...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIP7NqRrgekpsTsKJERQOtI&google_push=AaAOQGGaebP7VKvBeU4oWX-MpOG1PbwsBEV0LHtRrOtch8k3qB2iyHlBjuseEKVCEayd7eTXKe_5LbWF5gSoOqAwLXXOWULMcgrNxr5j
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230046-FRA
pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1689966644.117585,VS0,VE100
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIP7NqRrgekpsTsKJERQOtI&google_push=AaAOQGGaebP7VKvBeU4oWX-MpOG1PbwsBEV0LHtRrOtch8k3qB2iyHlBjuseEKVCEayd7eTXKe_5LbWF5gSoOqAwLXXOWULMcgrNxr5j
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 3B7C
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGfrgrumsDs1KQyx808lbZw&google_cver=1&google_push=AaAOQGGlra7DVqpACSYO2kvWDlA-VaURXKlyZIe4UAH6MW1hFkLp7x32O0C9A1YOqjW2LurDNIEYWmWCL1-r9tuXI4fpoieqoMcBYvEZ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71BD05E10CB4F6CA1DE932D4CA8FDBA&google_push=AaAOQGGlra7DVqpACSYO2kvWDlA-VaURXKlyZIe4UAH6MW1hFkLp7x32O0C9A1YOqjW2LurDNIEYWmWCL1-r9tu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71BD05E10CB4F6CA1DE932D4CA8FDBA&google_push=AaAOQGGlra7DVqpACSYO2kvWDlA-VaURXKlyZIe4UAH6MW1hFkLp7x32O0C9A1YOqjW2LurDNIEYWmWCL1-r9tuXI4fpoieqoMcBYvEZ
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 21 Jul 2023 19:10:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71BD05E10CB4F6CA1DE932D4CA8FDBA&google_push=AaAOQGGlra7DVqpACSYO2kvWDlA-VaURXKlyZIe4UAH6MW1hFkLp7x32O0C9A1YOqjW2LurDNIEYWmWCL1-r9tuXI4fpoieqoMcBYvEZ
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 20 Jul 2023 19:10:44 GMT
google
match.adsrvr.org/track/cmf/ Frame 3B7C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFFb1M1uC26DIJXbVwQI9Vs&google_cver=1&google_push=AaAOQGHUguDZTjmbB9ENpfivllyutRkmJk9B95UqIzLyzthipsG0uCwzr4mNqyw7l0geV-yYa6iG0s_t0ZuSFkY7iT_d55SHWASbgkEe
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3B7C
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAEIg-eCEurZ33Gv2A_hZbY&google_cver=1&google_push=AaAOQGHwR-FweNGzQ08jgDXnX8x-64ohb23PQRWO-pfBZVLILArbP0dcY8MOJaKi3UBuloVd244ea2PBz7soWp...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AaAOQGHwR-FweNGzQ08jgDXnX8x-64ohb23PQRWO-pfBZVLILArbP0dcY8MOJaKi3UBuloVd244ea2PBz7soWps-8oMmfC1u2kImtdY&google_hm=hmS62DSycbq_vy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AaAOQGHwR-FweNGzQ08jgDXnX8x-64ohb23PQRWO-pfBZVLILArbP0dcY8MOJaKi3UBuloVd244ea2PBz7soWps-8oMmfC1u2kImtdY&google_hm=hmS62DSycbq_vye53g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64BAD834B271BABFBF27B9DEBLIS
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AaAOQGHwR-FweNGzQ08jgDXnX8x-64ohb23PQRWO-pfBZVLILArbP0dcY8MOJaKi3UBuloVd244ea2PBz7soWps-8oMmfC1u2kImtdY&google_hm=hmS62DSycbq_vye53g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64BAD834B271BABFBF27B9DEBLIS
date
Fri, 21 Jul 2023 19:10:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3B7C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJVwuBimno7-lTiBzNXOOOw&google_cver=1&google_push=AaAOQGHZ-YOImzs5P_y9SOv55MrDJbTEDw8lxbRpNHnqt_0zERXG60KE0DoRWcYb8zAbCRhxroi06WMZWNoK3LAx5ayT...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJVwuBimno7-lTiBzNXOOOw&google_cver=1&google_push=AaAOQGHZ-YOImzs5P_y9SOv55MrDJbTEDw8lxbRpNHnqt_0zERXG60KE0DoRWcYb8zAbCRhxroi06WMZWNoK3L...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGHZ-YOImzs5P_y9SOv55MrDJbTEDw8lxbRpNHnqt_0zERXG60KE0DoRWcYb8zAbCRhxroi06WMZWNoK3LAx5ayTZpa4EkPXNkQE&google_hm=EkD-i5ItR32BxTLUpIt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGHZ-YOImzs5P_y9SOv55MrDJbTEDw8lxbRpNHnqt_0zERXG60KE0DoRWcYb8zAbCRhxroi06WMZWNoK3LAx5ayTZpa4EkPXNkQE&google_hm=EkD-i5ItR32BxTLUpItyeg==
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGHZ-YOImzs5P_y9SOv55MrDJbTEDw8lxbRpNHnqt_0zERXG60KE0DoRWcYb8zAbCRhxroi06WMZWNoK3LAx5ayTZpa4EkPXNkQE&google_hm=EkD-i5ItR32BxTLUpItyeg==
date
Fri, 21 Jul 2023 19:10:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3B7C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPO8o0XrHVBwrPdMGtugnIg&google_cver=1&google_push=AaAOQGH5CMTKxhHcqNGq7iJXJ_dUkaV92vPJ7yFfi2M_xJb-EEMDFLMc4OZQaznMa-OPj8UzThBZWI3D...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPO8o0XrHVBwrPdMGtugnIg&google_cver=1&google_push=AaAOQGH5CMTKxhHcqNGq7iJXJ_dUkaV92vPJ7yFfi2M_xJb-EEMDFLMc4OZQaznMa-OPj8UzThB...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE4NTYxNzU4MjI0NzIzNTkxOQ&google_push=AaAOQGH5CMTKxhHcqNGq7iJXJ_dUkaV92vPJ7yFfi2M_xJb-EEMDFLMc4OZQaznMa-OPj8UzThBZWI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE4NTYxNzU4MjI0NzIzNTkxOQ&google_push=AaAOQGH5CMTKxhHcqNGq7iJXJ_dUkaV92vPJ7yFfi2M_xJb-EEMDFLMc4OZQaznMa-OPj8UzThBZWI3DR3LUMLCw57ryYcp7074NkN8z
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE4NTYxNzU4MjI0NzIzNTkxOQ&google_push=AaAOQGH5CMTKxhHcqNGq7iJXJ_dUkaV92vPJ7yFfi2M_xJb-EEMDFLMc4OZQaznMa-OPj8UzThBZWI3DR3LUMLCw57ryYcp7074NkN8z
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
report
sync.teads.tv/um/ Frame 3B7C
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJVbs2cUk1su...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGHyCIxywDlroR952l_OdfLUB-giHU1N0HpM8G1XtJQiiOa4iSyCv2USOGMI7oYrQ1cko4LOv8UOgxUNBOnt7uY9j6WN-ZJzZZ-dog
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires
Fri, 21 Jul 2023 19:10:44 GMT
pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3B7C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ka9MoIMGrMEAGf4OOCIca7fNtosXzq2I3LtjWGgGkevdWfw6FreDAExo1boMoCJVFTWmTcPA
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame F34D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20b7a33246e7f01900b8553817e02266d77b49365d011716f8411d12612ea54d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A1CB 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3204
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfAPqjmksT7uCFn292YmD547J%2FIOLaBw3S6qogMG3CDsf1w2mrNFDzZN%2Bby8mVMi5lWgcgzWCjR1HH3fcnXF3a9E0DKUuR897BAWx6%2BmRHpXmdM43WvzXFVMHU%2BwNPMNSKqogty2Ffj2zjZPZVrgvmxz"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7ea5bee5d9606946-FRA
expires
Fri, 21 Jul 2023 19:17:20 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E019 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2666
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXC5YbA9gUYqDn0OGMBQvUidw3q%2F3QiO3cf05IkEZVC9ffgqo%2Fndn6fzylXy4v0%2FxJzW2vGTJ48vnxrnxOo4gGz1s45JDiwY%2BGFoQ9WqvvUveu4T5aNpasx09TQU%2FiJQe5u9BpTUY7hIFjg6qih8B%2B1%2F"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7ea5bee5e81930f6-FRA
expires
Fri, 21 Jul 2023 19:17:20 GMT
frame.html
ad4m.at/ Frame 3DEA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1035968
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7ea5bee5e8431e30-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 21 Jul 2023 19:10:44 GMT
expires
Sun, 09 Jul 2023 00:24:59 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rdxw6tPSsDG2kCytXnntC%2BEYku5CVNcjuEFb4JfQA3TifzasaDtUGaOx4CL%2F6A7W0%2Fv6m1K1xC0ny1M%2Fu0Dj%2FTPWip8SDnzREGT%2BlI7QtsdccHJxdLqbZjhWD%2BkiEPC%2FHj%2FoSDM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1504 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2666
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5dXJHossYrKXgDJRWGSW6kG9tEWAbyNeSzsXO0vAM%2FotfdcleXA7gk7lUjD%2BULosBxX6QY5YSpgN%2Fw8qbV8shjPWFQPg4nViMmqejZhl0763WpL9CFCBT3g3WpORdRHwsun2b1Bd8k2FFFFRbUT9Cha"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7ea5bee5e82630f6-FRA
expires
Fri, 21 Jul 2023 19:17:20 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5FA0 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2666
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYe9BGKtERJd88UjTytuh2BO8KG22kTjA40hDwqq%2FYFjhj3x2stAjCwwpU457TiYlB3SOsXVER9l0RKZD5KQHFJUxzytXVl8x%2FPl%2Br2T3x1HLcbrfW9%2Fspmt2B7mPM5i7iTwgz2v443YNuBo138sUggh"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7ea5bee5e82830f6-FRA
expires
Fri, 21 Jul 2023 19:17:20 GMT
frame.html
ad4m.at/ Frame D4C6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1035968
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7ea5bee5e8481e30-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 21 Jul 2023 19:10:44 GMT
expires
Sun, 09 Jul 2023 00:24:59 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1MJNKleKeZXhdvl0dv34Lzejf163zUgYBizR%2BVKjTDUcwXsRy%2Br8uSoYAeVQCndVVEht57SwerLDeUkzaS%2Bx%2FMCpE6TRIQKot5q7o4RIh5EsJWU%2F4EvvHgjJEbXdaBwiGAP04k%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 0508 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1035968
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7ea5bee5f8541e30-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 21 Jul 2023 19:10:44 GMT
expires
Sun, 09 Jul 2023 00:24:59 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYiP8p5zz6VGjU32cPT3Y8Aq7pKkZBR1lQPpFhfmqA1%2FNGXkd6tkenpzDtMLEIecMeMfMmX5SpJwJ%2B9G3Af%2FHS7RnjntyUZrUweL8V00AAQWLQqTLBxJX86ZEzv9%2BFaFrT0Z0iQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 6324 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1035968
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7ea5bee5f8581e30-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 21 Jul 2023 19:10:44 GMT
expires
Sun, 09 Jul 2023 00:24:59 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GI6J5f7Gx9EW2OlmTtKN6k5WfLkGnpMA2rZXpsAHoHBhWJLowmocYtuEslVrAVP35NvfsE9idcZ58rxo5wCOq%2BFDqkfOfTVKg4c6JoewblLZHw13lw15op4O8Te2DbIKi2wpVH8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adview
securepubads.g.doubleclick.net/pagead/ Frame 3342 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZ_5LM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoE_gFP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvCcDIUpcKyHQiUsBk-pxdd-vSy9oL7Yiu6Pdpv9ivrxtNVmBcfYneAEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTUxNDQzODk2NTc3ODU1NjUYsJgV&sigh=0tdrmX7-Htw&uach_m=[UACH]&cid=CAQSOwBpAlJW8xrbpvMeyQGEw4r2SomEjm_qcz_rRv2TJrQ7daDBOzCi9xM8pdMsfZxhpK3IvWRUbkfhwRl_GAE&cbvp=2&vis=1
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 3342 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g4xr0gb0ydgvxraen5ay6vz8wsvjss7f72182p5qzwshwq5v5gm8jejs99wm6grd1v16tpj6pe7v3yzq2wdsgs2xfyd60fndvyjx50afd5145mp0vsn49f71jr58ys7q9dexbbsn5mes00ab2kx1k9mk611nzqw1n9c2rbytgzdmf3m0f3mj6j1y6k08f20m2gkyfw74q7fgrzngrnsakagr3wynj4qaj5g5x9b8qssggpfx4eaqnthp7dvdz3ypwdq47d0nz1vx04jgqq3cxcntehrnp6p1v2bz2rn9vmtqabx39ft4j70bzhhb05hgs1ygpbtq8t6xvfgpwqz49g4z3q6zdg4mqq9d3xzqh96w9pac290jvw4zmttmq6txtcv1j148r&b=ZLrYMwAJ34gH_ZbcAAQga9fgjc_HIWofdSsT1A&cbvp=2
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 21 Jul 2023 19:10:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
adview
securepubads.g.doubleclick.net/pagead/ Frame 02DE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcXfoM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoE_QFP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-Z1DYFGyHZnraXJLUm3uoZnlNSNqwHwIU7GFUwjCdt4nIUdF8cjQS4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTUxNDQzODk2NTc3ODU1NjUYsJgV&sigh=OKVwQweuhyE&uach_m=[UACH]&cid=CAQSOwBpAlJW8xrbpvMeyQGEw4r2SomEjm_qcz_rRv2TJrQ7daDBOzCi9xM8pdMsfZxhpK3IvWRUbkfhwRl_GAE&cbvp=2&vis=1
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 02DE 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kx4a7ddn007zbccmh5f4w2d074km1pbenagdk0ay7zsvfv5mn0kfvbqk6dmx74xg9tadb2s45q4hpqy6f1nzfvwacd5zy8q9hx0xs4n7400b6wt6j3hwmt3xpgdghdx8m0152vfj5tt8hb6txyz7jafj4p1ayrmmtkgzegsy6be7nxn3fzypr707xsyvxcfqegh2nsfbsrwyazt7hwg36c9h8928knshqwe871qdcp77bpbeze26k5zmsg0f1njha88ejy04bkjwn3b8rfyavwk7q61ctzzjpvmrhmzznpqvgm8rkdjz7hp3vszyerr89a70k4g05tw8h6mk2anttja50k1pzvh8tvcx0g4yxwmqe3s7fcf4bmp145prj4ntjvavfrc30&b=ZLrYMwAJ34cH_ZbcAAQgawWa4X4JqwV1Q3LMyQ&cbvp=2
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 21 Jul 2023 19:10:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
adview
securepubads.g.doubleclick.net/pagead/ Frame E0CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CfuMJM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEkQJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBxJuexezFkbYs1qn_uX0rW1LdzDSUFOgDGj4FyH_hXtKYonwN5SHgBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTE0NDM4OTY1Nzc4NTU2NRiwmBU&sigh=IVBkoeve9YU&uach_m=[UACH]&cid=CAQSOwBpAlJW8xrbpvMeyQGEw4r2SomEjm_qcz_rRv2TJrQ7daDBOzCi9xM8pdMsfZxhpK3IvWRUbkfhwRl_GAE&cbvp=2&vis=1
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame E0CE 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1ghmmrcnpj5zq9xcc5s9tfj5r3m7qy8sq64b25x6hfh5za10cfyqvn2yx26taq8vta06mkd8eczb1f9xz276z334hxbvn5ycsw9sfjwfhd6235k0dg781ank987qm1aabzsj6mxx55fay52cvfcdr6qxqyb0mfxv7qenw2rnnsvmn000vxhgngqv71v5k077r9nv0q1mq3145mf4sfaeeyf9qz298gvaqwxr1knmfw38fwx7fxd5qf5p1mpeengn8x95k6zcfn4q0vcanppqzgwsefnab35sr1z0xwys7fjexs957zteshgcpmv7qzb2qd4p72z08w7fk66259bpsaz77yd4xmf6f7tfxc8dabxx8jtxdm5g852bjwj9q1hgyc3jmeq4qm&b=ZLrYMwAJ34oH_ZbcAAQga8FbxR29q_XJpKmc3A&cbvp=2
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 21 Jul 2023 19:10:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
adview
securepubads.g.doubleclick.net/pagead/ Frame F34D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIKc0M9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEhwJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPqoVZKVoJnL0vJ4xHdVq41myrkF975TVlTK9IjGioJ0tqQMRt7GNOAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTUxNDQzODk2NTc3ODU1NjUYsJgV&sigh=LW06y6aPAc4&uach_m=[UACH]&cid=CAQSOwBpAlJW8xrbpvMeyQGEw4r2SomEjm_qcz_rRv2TJrQ7daDBOzCi9xM8pdMsfZxhpK3IvWRUbkfhwRl_GAE&cbvp=2&vis=1
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame F34D 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1h4ktfz3pad9xfcncf9wx9sjvhkmnd4wpy541yy8sdf2pas9yf8sxjx5tr50dmh4wa3kv123dyrgp79sct3r1htraw0ee5vrbhn33825c5gfqgf2fq6h75h60atcw568p4rt117zhyn26wcerghx6bnfnd1zz8nh0q95kh15w498w1kbzq0ha5hmt2670j1p3ebktqpsxw76k2ge48yvecde0mgr1h0fv2d16jfw2tn9d07hn1hvmf4902pz0vt9rsrx0m9fw99e38jejvn7k8kydvn2nfb6rjyarkee23mkxdf61yg9cvd5hg0k7wpwm1cg9twkdyb57ey95w3kxgpwzjxzmxgg60h8bgmjnhbffm0ghcj7w4vn6mds0v3hmwrgk2d2a0n6hyg&b=ZLrYMwAJ34kH_ZbcAAQga_nEmdavQy8jnVoiOA&cbvp=2
Requested by
Host: c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
URL: https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 21 Jul 2023 19:10:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
rs
ad4m.at/ Frame E019 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4945bee5c64f638c99c8acdc2eb4fe3e84637be1f0428ccb2e4efe38f5071e02

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5YgnRCoM22uTVptBXcGzKSV6IKakUt1%2BFfyLurkX%2B%2Fb7UIy5NMoRVgV%2BJqP6ZagxyukH2h6bzOlxocYQg7ybNUTA571sz6vu8nMNWGMwBRxRtl%2FtLBz6hwMV2FFLoiJgDS3HCI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7ea5bee67c936983-FRA
x-backend-server
aa-reachservice-group-europe-west1-x91n
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ea5bee64c356983-FRA
content-length
24
content-type
text/plain
date
Fri, 21 Jul 2023 19:10:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZqaagugpw2AQYTFFpODk2PB4eu1AXOqwTzxKjNBR7gnk8pWE6V108Ojk954u6dITnFebe5Qtj1Ct7g%2BahaEdz2AxOyiQopG37Xgj%2FazMz6qXUODAXZazlD5VGgs9SvQKEYXcJ4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-x91n
rs
ad4m.at/ Frame A1CB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e4263a3d186abe0dc93a846313bcc2afad986c721d7298447c897ceda52ef3

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdO5jr9JaFVfu4BaCiLB3ji%2F5PJJfNZyAL3k%2FLKXs6QnXAwrdy7R0WFnhyTYpJl34%2FySL%2BPQIJEc2Zg0BhGE8%2FMKlrkGnj5JY7XyiYhfddEejj5g%2BZrdY65qNMFc%2BBSkXASC4pc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7ea5bee67c886983-FRA
x-backend-server
aa-reachservice-group-europe-west1-rz5b
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ea5bee64c366983-FRA
content-length
24
content-type
text/plain
date
Fri, 21 Jul 2023 19:10:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3l%2BjY42RD2Xb5gvbzthfoOypoXofIg78YMrrUFrmLpV7oXqGFWwqMzJbuAg3Kf%2FfMnwl4qF%2BLvQoOBVN%2BEGTgu2cnEB4c0FZAClKEc2EVctHdWrN0RF2EHQUKOuHsSp%2FUBUnoM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-x91n
rs
ad4m.at/ Frame 5FA0 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52184cd43bbd52529bce9c0e2210613e47f8a8e144429681b0811ae46a936656

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwDrjykE%2BP9pZmCcMHoEbITxt9%2F6PErkUrfet7H3eR4POXsksbg8HmfpKhvJHVT5E0JiYTB79edFcAx5ES%2BlvDzTBxDka0XLMJU6EYJc8NKF1yM%2BJQhRlEXAuyQbbduEDwDTLEM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7ea5bee67c8d6983-FRA
x-backend-server
aa-reachservice-group-europe-west1-x91n
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ea5bee64c386983-FRA
content-length
24
content-type
text/plain
date
Fri, 21 Jul 2023 19:10:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zB4y9eowK7%2FDsscpzFWjG1xbV7t2I027O6t6O95yaMg%2BxhkpwgT8Ra01Sles0FV0CkbsexGfXh90GwvvBtyfNlTYpITKz91r9n26nzvBJIUPuJzlG2hzdUIgin%2ByL2BS2qVsHrA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-rz5b
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ea5bee64c3a6983-FRA
content-length
24
content-type
text/plain
date
Fri, 21 Jul 2023 19:10:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xndjHXf45qwA2jIhELe0EDD5N%2FmwcNKelAIBjUgzxFwlgMjm6eLpNL2F4sGcXHP2Gee88JkTndlSYiNIehagTDwu3eQQ4CqHhaPsinlzKIf%2BatDUGCKPSCUk7NtywOW9RsoFygk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-rz5b
rs
ad4m.at/ Frame 1504 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
683ce8e56410f4a95a1b3aa3b105175e539916b9c6a88682907937439d9b7e76

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZkpJB4xi5ed3np5LAq24ud93589O57GQ2X03flCFVbLZeaMzVDZXEY4mY9xxYr8Mzw9WsqWBtJED%2FnkkXFEKwm%2F8Gmgb5Pdxd8BGn%2BXRBJH1Vod6%2FbLmu91YbJ8H1XhR64I5hk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7ea5bee67c906983-FRA
x-backend-server
aa-reachservice-group-europe-west1-x91n
alt-svc
h3=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba03acc1b27410fe6f06c98363fdb0501f64dda2fbf95791e586d6e3e866affa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11665
x-xss-protection
0
ct.html
ct.pinterest.com/ Frame 10F6 		565 B
581 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-grn
0.ccd5ce17.1689966644.8f9117d
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Fri, 21 Jul 2023 19:10:44 GMT
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
3681079814916745
rar
as.ad4m.at/ad/ Frame D3CE 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=192347%2C19491%2C117569&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=d1d0b3cb090a29805ed3c9b1ca5df8db%2F7193449840633158726&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1689966644160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jv522n7hz5mt4d4a810qyv41jvw2ddrb2vxyxhjpdhp8vgjs6e1bpm3afp96vn0sgsypmrf7axhvqn86jq7pm4mje7zxa1w5971b0qwtkyrhb7776051a3frmephv6ck6aracg4vhxxegf9n3f1kytcwnm9q9yxhq1rgzrfy4mez4w6nrawmw32srmrtz8zg0jvaf3429xxnpk94d7y49bz8sap7q64nnbypbvked961z1xg312nqrzgf4d44qq4tdn6k0x34716cftc0kg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd369723121fb6cd727c0b440fb544db43a2408ba63f029cf804f88fcf52b0b6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jfzq3n978rqhz86vaq04bv946wt4kakznvhrfj58mxfwnqdzw8pcbxecn68ajbh1khfaszv6zwbebj4jew7699gp0spr63z3fmty5zxsy8qejv45aar81wd8e1mt65vfxg7zwephjh8qjc54c8z2dk1eat7yshnxp1n8f0xdjnzjynh952cwpbe0ehq8m0qj7gh0mfrs682ev1vjt1zz4sxmdzzcr5d3fdr6wfzxea36fxzaj9djtqzvkkdf4kt59wj1bj5k39p5gm9gsk29whw3pxy779wg8nkr6597c9wj2qw7nvh4ke3x7zqxgbpeqwq23y0er17qccv7t3aq94g477qbgwfw4xhg5z453xk02tck7m0ka5qp2rkym990ewna1mf74yf623pf5my8dh1e4q5tserbjyn5z52tgm1saq3fd80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%26client%3Dca-pub-5144389657785565%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ea5bee85d811e30-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:44 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
Popup-okt2017_-_rev-Breakfast_Recipes.jpg
blog.paleohacks.com/wp-content/uploads/2017/11/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.paleohacks.com/wp-content/uploads/2017/11/Popup-okt2017_-_rev-Breakfast_Recipes.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbf05c8de07965683efe374781f65e16d8afebbf1845634115d695e20693aa3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/protein-smoothies/?mpcampaignid=10048221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Jul 2023 19:10:45 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Nov 2019 20:38:12 GMT
server
cloudflare
etag
"5dc723b4-19a6b"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7ea5bee8598f1c7f-FRA
alt-svc
h3=":443"; ma=86400
content-length
105067
expires
Sun, 20 Aug 2023 19:10:44 GMT
rar
as.ad4m.at/ad/ Frame 688A 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=300&d=50&e=&g=553bc22f9e04fe0ee8d6f54e31b87b70%2F3308937503420575864&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxm7zw2mhzcery9e1jb43n1h3jj4yrtfv3j91smnkm02478zh2m05qz5qzvjkcnnx1hfdgke66ygtcqvmfs9rp4ea67ad7q0gtz7pgmpgk9e5d9jmxfgtxzfkjk1hy6wbtx0awh065ef4xphccm55jfe6jmrm4841q1yhd8fvafwjcsjqvv52xq9shhshw5wme9y11gmqh4g9a00t8wvvyydsaxw91nzwm9gwrd2e82fqzhwx1k6kftztnvs0q4xbw1rhhaw1msxb04ys80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd91d4679e225414d5a07156c2406b1195778c3f30f30bedd0c403c6b403995e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kn6tt5qnee1w41yyj2y27wx8yqfecjvn0h5cs1a83b425temq8tpq399qr0vsr979xy7zzf5ajpxmw2s01x2z502f90j2ffahhexkhf3t0at797ben0b9xhyx3n3skfbj8t2keaw7q5ffqx57btkfznssjxt4mgk6amfcnymf2knwsy5hz4jc9epbv5r0nehhs4m6s8ckphgbptk9ed3hdvgytap10mqxa79av3vxysys03hjpvhtbacjs83h3qwjybhanca0etswy4zs8knbjavp0rrwzwtdsnvg20hfcb4kspt9hb100awyap91tcc1p4rb41ry604n5gns90qwv3sbks1srnnrdz9rvgg2xwng7k0pqddn237eg6s0m8sgf2dr3m4v5bdpstafnfn7a14zacjf4dj21waannen6va12k&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%26client%3Dca-pub-5144389657785565%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ea5bee86d8b1e30-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:44 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 9674 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=117569%2C23576%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=800&d=250&e=&g=2f88be73158720a9766a3c46f8b3be2e%2F3673517890145743693&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1689966644257&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gp140t5m7y1f7qnq3j3fz6d8php3qxbsf7ts879zjdkjgpp1mmxezaxvgt3gvwqvcbxpkgejwh165dv4e9a7hjcbqccsr7g9bgp7jxg3n6ng832b3khvtd9c9htn8wd614pwy29etzzfdk451krnp8pys6aqzvagra7wk80nd0es7xrt9rfy54ve5mqe3x10sbn7w5qkdjh9rahw2t80djx1phzjcc1xty6sy8bn04d83t7ne5dcjp319jhp8e8jn403t7egfpx5aak4mjy0fmt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3cd62f0f64543cb7a9a820ed1e08cfab1e97c646ef12a47f5fc33cd11b227a6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hnb3jc6p52zbbncd6w6rjf9k1870qedcjh22p1j70jzxfc17xw82x9ad2adyss98f125h2b4pjp4yvmx60y0dpqwgpsbxabbzcb1xs0nbvr3w8k7ebtag5nsr9mecqxpvx8c2am39f5fza9d41d98fd8299kprm3nn4ysa0c98awpen24w5cw6excry7gbyv0vjx3w3q4bjpgmza02zd1tkwpygks6pprn1669s1yzdegm4p2kdc21722t8c7p4d6732gsfpwgrcf0s61nzsz3k44v01f1w5sv0c76nesxgqyjn4q84qae9pcn91g0x9v3tv1mpep2ek7v79jawx4dqn0pgyyvs6kma9s9zc48d8xd0g502x833dc4w9gq2t2z862cd0wmnybcnzc8gj8ydwzrw7rdf693exrxf474cs85eryjhx15726aymajh4gzkd605k4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%26client%3Dca-pub-5144389657785565%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ea5bee86d8e1e30-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:44 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame E970 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=13957%2C183975%2C34719&b=YxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQ%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=q4VSmfWfbPBuZHgHDtRCXXxaeSgTA2japQ%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=4c6712363cc1126424080b1ca6a45b04%2F1009454974025483350&i=20774%2C20597%2C26474&j=14%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab41794b991bbf04516440dc95a8019e66fc13201a179b2bcef107a70858783
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1ke5scfjqadcvm9g58s9zas2wddcprec5tzrcawqmvp9wt53jf6axed26mw81d11791vbe09nyapc93qgcdwsctk5dac8gc37h4qjaj0yjpfdrv7qam84s41akw7dmqk2d1pbkybn79w6apzx224cc7m6ba6ykwbxes8v9d9fdzs9gjpqcqyw41xed6ht0bhvgcdvecpw6hh7jxgnre7b6j1jjwygyjmav857tn26ey7wzejddy0yeydrx993ea7wec75w9e2y6ta9a1txp6z386mwf3kmpgcs1qy8avs8evh18nhn1w9ta8yb8r037vszqahza4r5m8cstjmx55k9a4gdbjt1rp28qrkfgc4ssq534qvm0qfd07hrqnkpwf90swg4w2grg2v86mdgbd9kmzqys6mw54068x8yrmxj3m4y65&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%26client%3Dca-pub-5144389657785565%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ea5bee86d931e30-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:44 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame D3CE 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C117569&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=d1d0b3cb090a29805ed3c9b1ca5df8db%2F7193449840633158726&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1689966644160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jv522n7hz5mt4d4a810qyv41jvw2ddrb2vxyxhjpdhp8vgjs6e1bpm3afp96vn0sgsypmrf7axhvqn86jq7pm4mje7zxa1w5971b0qwtkyrhb7776051a3frmephv6ck6aracg4vhxxegf9n3f1kytcwnm9q9yxhq1rgzrfy4mez4w6nrawmw32srmrtz8zg0jvaf3429xxnpk94d7y49bz8sap7q64nnbypbvked961z1xg312nqrzgf4d44qq4tdn6k0x34716cftc0kg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=192347%2C19491%2C117569&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=d1d0b3cb090a29805ed3c9b1ca5df8db%2F7193449840633158726&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1689966644160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jv522n7hz5mt4d4a810qyv41jvw2ddrb2vxyxhjpdhp8vgjs6e1bpm3afp96vn0sgsypmrf7axhvqn86jq7pm4mje7zxa1w5971b0qwtkyrhb7776051a3frmephv6ck6aracg4vhxxegf9n3f1kytcwnm9q9yxhq1rgzrfy4mez4w6nrawmw32srmrtz8zg0jvaf3429xxnpk94d7y49bz8sap7q64nnbypbvked961z1xg312nqrzgf4d44qq4tdn6k0x34716cftc0kg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
806257
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVOXQUnM%2FeGBeQapcK2T5Ax7td4aeQmUkSPcuZ0fot%2BRRq394EtjtSVyt2SP9AB3iqYVp6qIZHF9vTvPnlh1HZzjlRyVLoulaKm44%2Fn2FRFDHWdX41sjX0oNs4iRZvBwbWGE8G3upiw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ea5bee89dd61e30-FRA
expires
Fri, 21 Jul 2023 20:10:44 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame D3CE 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C117569&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=d1d0b3cb090a29805ed3c9b1ca5df8db%2F7193449840633158726&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1689966644160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jv522n7hz5mt4d4a810qyv41jvw2ddrb2vxyxhjpdhp8vgjs6e1bpm3afp96vn0sgsypmrf7axhvqn86jq7pm4mje7zxa1w5971b0qwtkyrhb7776051a3frmephv6ck6aracg4vhxxegf9n3f1kytcwnm9q9yxhq1rgzrfy4mez4w6nrawmw32srmrtz8zg0jvaf3429xxnpk94d7y49bz8sap7q64nnbypbvked961z1xg312nqrzgf4d44qq4tdn6k0x34716cftc0kg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1638544
cf-polished
origSize=115129, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
75430
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTL1VopcX7QpvMwdVQTjXQUfjXDzl5YxxVykwydejRO5ZqAHjo3443l%2BIlOiet86yrvyZ3aVAVQWPv8qB%2Fie%2FyYFUdWEdH6WzxJR2dorhzu6gpdyY4YO8xGZiCxU2I1i2XynFo7om6lwM5MG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee89de21e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame D3CE 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C117569&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=d1d0b3cb090a29805ed3c9b1ca5df8db%2F7193449840633158726&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1689966644160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jv522n7hz5mt4d4a810qyv41jvw2ddrb2vxyxhjpdhp8vgjs6e1bpm3afp96vn0sgsypmrf7axhvqn86jq7pm4mje7zxa1w5971b0qwtkyrhb7776051a3frmephv6ck6aracg4vhxxegf9n3f1kytcwnm9q9yxhq1rgzrfy4mez4w6nrawmw32srmrtz8zg0jvaf3429xxnpk94d7y49bz8sap7q64nnbypbvked961z1xg312nqrzgf4d44qq4tdn6k0x34716cftc0kg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
83601
cf-polished
qual=85, origFmt=jpeg, origSize=60344
alt-svc
h3=":443"; ma=86400
content-length
22974
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Mar 2023 22:26:34 GMT
server
cloudflare
etag
"06609266defcd14ec685b2464aeced2e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q14cVXNXWjongl7aFCJMWmnpbhL1w9Cpv9ozl%2Fl9CmKKUV8fOFHgy18AuCt9wNt5rVWAdVfoDxefkqDmCZ2IsECPTsWHtemyT4kD%2BiD1Bl6zr7741u9KnCcWng1KuNbQXE1smviyXomeglKZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee89de51e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
/
partner.o2online.de/a/ Frame D3CE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COONo6zAoIADFXif_Qcd4xkEPg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023072121104487051631069X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_N...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023072121104487051631069X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023072121104487051631069X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C117569&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=d1d0b3cb090a29805ed3c9b1ca5df8db%2F7193449840633158726&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1689966644160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jv522n7hz5mt4d4a810qyv41jvw2ddrb2vxyxhjpdhp8vgjs6e1bpm3afp96vn0sgsypmrf7axhvqn86jq7pm4mje7zxa1w5971b0qwtkyrhb7776051a3frmephv6ck6aracg4vhxxegf9n3f1kytcwnm9q9yxhq1rgzrfy4mez4w6nrawmw32srmrtz8zg0jvaf3429xxnpk94d7y49bz8sap7q64nnbypbvked961z1xg312nqrzgf4d44qq4tdn6k0x34716cftc0kg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Fri, 21 Jul 2023 19:10:44 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023072121104487051631069X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023072121104487051631069X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
date
Fri, 21 Jul 2023 19:10:44 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame D3CE 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C117569&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=d1d0b3cb090a29805ed3c9b1ca5df8db%2F7193449840633158726&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1689966644160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jv522n7hz5mt4d4a810qyv41jvw2ddrb2vxyxhjpdhp8vgjs6e1bpm3afp96vn0sgsypmrf7axhvqn86jq7pm4mje7zxa1w5971b0qwtkyrhb7776051a3frmephv6ck6aracg4vhxxegf9n3f1kytcwnm9q9yxhq1rgzrfy4mez4w6nrawmw32srmrtz8zg0jvaf3429xxnpk94d7y49bz8sap7q64nnbypbvked961z1xg312nqrzgf4d44qq4tdn6k0x34716cftc0kg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
612025
cf-polished
origSize=24833, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
13494
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpf7cCgY7lnNUk43ydA6uZcuD%2BwDItugm4kvGtH%2FU0FKtLNVq%2BN0vxrM9lZXsUcSYkVGylgA4zm%2FtbHvexoa3MxUwuzVnrAgEjlUnzp1ELKsnExVchJuN6eBuKaDdDde0rFJTZQK28Y%2Fc5h3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee89deb1e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
51ECFC013A5F4D4C3D4DC1C255BF8F138C8B8A67556A0A34EA7C631900B254A0EB5547C19BAB6B3133A765FC8201B8BDAD0A142C2E2304A3FBDC1210CDE43179
assets.ad4m.at/ Frame D3CE 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/51ECFC013A5F4D4C3D4DC1C255BF8F138C8B8A67556A0A34EA7C631900B254A0EB5547C19BAB6B3133A765FC8201B8BDAD0A142C2E2304A3FBDC1210CDE43179
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C117569&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=d1d0b3cb090a29805ed3c9b1ca5df8db%2F7193449840633158726&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1689966644160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jv522n7hz5mt4d4a810qyv41jvw2ddrb2vxyxhjpdhp8vgjs6e1bpm3afp96vn0sgsypmrf7axhvqn86jq7pm4mje7zxa1w5971b0qwtkyrhb7776051a3frmephv6ck6aracg4vhxxegf9n3f1kytcwnm9q9yxhq1rgzrfy4mez4w6nrawmw32srmrtz8zg0jvaf3429xxnpk94d7y49bz8sap7q64nnbypbvked961z1xg312nqrzgf4d44qq4tdn6k0x34716cftc0kg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1f1298767e4be7239cf28bb31eaada9d1750fbf45f29b2294fcfd4add302bdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19331
cf-polished
qual=85, origFmt=jpeg, origSize=24400
alt-svc
h3=":443"; ma=86400
content-length
10938
cf-bgj
imgq:85,h2pri
last-modified
Tue, 20 Jun 2023 13:48:21 GMT
server
cloudflare
etag
"e134bc76c0143a9a962b7159f7d67151"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bseo43azV4WsS8OSVGIWsQqvMGWQj1%2BzzpURyyYDgjZUvfp72qaqVJRJgBV1TZKMOenBVjTMe27Kct%2F91qnrNyKpj29SJL0%2BB0PsLdA3OUY4hpjfKlajnlhRdE8gc4zaRspCThDpMlMNa00y"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee89dec1e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
/
partner.blau.de/a/ Frame D3CE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CLuQo6zAoIADFYDiuwgdgYMDdA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023072121104487051631061X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netm...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023072121104487051631061X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C117569&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=d1d0b3cb090a29805ed3c9b1ca5df8db%2F7193449840633158726&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1689966644160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jv522n7hz5mt4d4a810qyv41jvw2ddrb2vxyxhjpdhp8vgjs6e1bpm3afp96vn0sgsypmrf7axhvqn86jq7pm4mje7zxa1w5971b0qwtkyrhb7776051a3frmephv6ck6aracg4vhxxegf9n3f1kytcwnm9q9yxhq1rgzrfy4mez4w6nrawmw32srmrtz8zg0jvaf3429xxnpk94d7y49bz8sap7q64nnbypbvked961z1xg312nqrzgf4d44qq4tdn6k0x34716cftc0kg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Fri, 21 Jul 2023 19:10:44 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023072121104487051631061X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
date
Fri, 21 Jul 2023 19:10:44 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame D3CE 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C117569&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=d1d0b3cb090a29805ed3c9b1ca5df8db%2F7193449840633158726&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1689966644160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jv522n7hz5mt4d4a810qyv41jvw2ddrb2vxyxhjpdhp8vgjs6e1bpm3afp96vn0sgsypmrf7axhvqn86jq7pm4mje7zxa1w5971b0qwtkyrhb7776051a3frmephv6ck6aracg4vhxxegf9n3f1kytcwnm9q9yxhq1rgzrfy4mez4w6nrawmw32srmrtz8zg0jvaf3429xxnpk94d7y49bz8sap7q64nnbypbvked961z1xg312nqrzgf4d44qq4tdn6k0x34716cftc0kg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
858046
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPxE4rysVo5CK8Cmxj9fFQon31ZmYxf96BYufFW%2Byura6x7MDDEK7VxiE1P9%2BOaKfquSZfElvStSsX1RfHEMZeCQ6MGxw89w25a4%2FN7Exx2UKv%2F%2FegwjwjecomxXYx3BAz%2Fgk8Gbf4hQ45Se"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee89ded1e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame D3CE 		253 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C117569&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=d1d0b3cb090a29805ed3c9b1ca5df8db%2F7193449840633158726&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1689966644160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jv522n7hz5mt4d4a810qyv41jvw2ddrb2vxyxhjpdhp8vgjs6e1bpm3afp96vn0sgsypmrf7axhvqn86jq7pm4mje7zxa1w5971b0qwtkyrhb7776051a3frmephv6ck6aracg4vhxxegf9n3f1kytcwnm9q9yxhq1rgzrfy4mez4w6nrawmw32srmrtz8zg0jvaf3429xxnpk94d7y49bz8sap7q64nnbypbvked961z1xg312nqrzgf4d44qq4tdn6k0x34716cftc0kg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2495478
cf-polished
origFmt=png, origSize=431531
alt-svc
h3=":443"; ma=86400
content-length
259252
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Jun 2023 10:20:07 GMT
server
cloudflare
etag
"16f7fe8ce7119ba0f513f8179ecb2d3a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKhoXdSbrljA6r7GkSwHCGtgotJEGrcdl85QA6srOLDgqMj6SgCqCa8XRA1kL6MdEeIDApda%2FE32ntlQ5wxfiOSjSZm2%2BpYB%2Fazl2xBamXiZZ2OXNb%2BfGJI7F5DNYBAeJBiuttrHxrRCMOuT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee89def1e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
cshow.php
www.awin1.com/ Frame D3CE 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSWoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C117569&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=d1d0b3cb090a29805ed3c9b1ca5df8db%2F7193449840633158726&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1689966644160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jv522n7hz5mt4d4a810qyv41jvw2ddrb2vxyxhjpdhp8vgjs6e1bpm3afp96vn0sgsypmrf7axhvqn86jq7pm4mje7zxa1w5971b0qwtkyrhb7776051a3frmephv6ck6aracg4vhxxegf9n3f1kytcwnm9q9yxhq1rgzrfy4mez4w6nrawmw32srmrtz8zg0jvaf3429xxnpk94d7y49bz8sap7q64nnbypbvked961z1xg312nqrzgf4d44qq4tdn6k0x34716cftc0kg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.77.35.11 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-35-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Jul 2023 19:10:44 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 688A 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=300&d=50&e=&g=553bc22f9e04fe0ee8d6f54e31b87b70%2F3308937503420575864&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxm7zw2mhzcery9e1jb43n1h3jj4yrtfv3j91smnkm02478zh2m05qz5qzvjkcnnx1hfdgke66ygtcqvmfs9rp4ea67ad7q0gtz7pgmpgk9e5d9jmxfgtxzfkjk1hy6wbtx0awh065ef4xphccm55jfe6jmrm4841q1yhd8fvafwjcsjqvv52xq9shhshw5wme9y11gmqh4g9a00t8wvvyydsaxw91nzwm9gwrd2e82fqzhwx1k6kftztnvs0q4xbw1rhhaw1msxb04ys80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=300&d=50&e=&g=553bc22f9e04fe0ee8d6f54e31b87b70%2F3308937503420575864&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxm7zw2mhzcery9e1jb43n1h3jj4yrtfv3j91smnkm02478zh2m05qz5qzvjkcnnx1hfdgke66ygtcqvmfs9rp4ea67ad7q0gtz7pgmpgk9e5d9jmxfgtxzfkjk1hy6wbtx0awh065ef4xphccm55jfe6jmrm4841q1yhd8fvafwjcsjqvv52xq9shhshw5wme9y11gmqh4g9a00t8wvvyydsaxw91nzwm9gwrd2e82fqzhwx1k6kftztnvs0q4xbw1rhhaw1msxb04ys80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
806257
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87%2FJCOAzSwSPekY83HF0dnWeqw7jPzvUeqvMuItvnVv9uXh3d1aKlJwSYIkwgLZ%2BGAg7u55Ea4VOelsdvqCARi5joqTaGdY%2Ffoiw7gJMJYJgjhqXrSjFguzUeuA903n9FrDaV1ZyGW4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ea5bee8be061e30-FRA
expires
Fri, 21 Jul 2023 20:10:44 GMT
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 688A 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=300&d=50&e=&g=553bc22f9e04fe0ee8d6f54e31b87b70%2F3308937503420575864&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxm7zw2mhzcery9e1jb43n1h3jj4yrtfv3j91smnkm02478zh2m05qz5qzvjkcnnx1hfdgke66ygtcqvmfs9rp4ea67ad7q0gtz7pgmpgk9e5d9jmxfgtxzfkjk1hy6wbtx0awh065ef4xphccm55jfe6jmrm4841q1yhd8fvafwjcsjqvv52xq9shhshw5wme9y11gmqh4g9a00t8wvvyydsaxw91nzwm9gwrd2e82fqzhwx1k6kftztnvs0q4xbw1rhhaw1msxb04ys80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330518
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGVqXKse1JSaW0T5y8lvoBsrjgYx0YMe3Vl1iTZPw2zcqcmg0pBK%2BRM%2FROny70TwXNxYXhQf2KpC5T7Y7PGyD5ztZrR6UVmi2QgbJoA5QwF%2FJOBGx81dkyQVlXc9J0O9DmRBBLW1PlZhX25o"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee8be091e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 688A 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=300&d=50&e=&g=553bc22f9e04fe0ee8d6f54e31b87b70%2F3308937503420575864&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxm7zw2mhzcery9e1jb43n1h3jj4yrtfv3j91smnkm02478zh2m05qz5qzvjkcnnx1hfdgke66ygtcqvmfs9rp4ea67ad7q0gtz7pgmpgk9e5d9jmxfgtxzfkjk1hy6wbtx0awh065ef4xphccm55jfe6jmrm4841q1yhd8fvafwjcsjqvv52xq9shhshw5wme9y11gmqh4g9a00t8wvvyydsaxw91nzwm9gwrd2e82fqzhwx1k6kftztnvs0q4xbw1rhhaw1msxb04ys80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
666339
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400
content-length
226916
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qm2aya7jjxCDMZKKMp0VMTDEpgTmG021%2ByH0e0ag0T%2FfMf7jsIJlRKMe2RKd%2FI5qm5CXth0KEgZyBWcmSB2U9%2FX2pQKhvWSFfK7J22pyK96IwKivYAPfBHC6nUJokQv0PW6hcmuAxI6HG2i"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee8be141e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
ztpv.php
www.conrad.de/ Frame 688A
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidJBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1689966644_4ae9fd20-27fa-11ee-87f6-2265f034cf4c&insert=AW&&gdpr=0&gdpr_consent=
0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1689966644_4ae9fd20-27fa-11ee-87f6-2265f034cf4c&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=300&d=50&e=&g=553bc22f9e04fe0ee8d6f54e31b87b70%2F3308937503420575864&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxm7zw2mhzcery9e1jb43n1h3jj4yrtfv3j91smnkm02478zh2m05qz5qzvjkcnnx1hfdgke66ygtcqvmfs9rp4ea67ad7q0gtz7pgmpgk9e5d9jmxfgtxzfkjk1hy6wbtx0awh065ef4xphccm55jfe6jmrm4841q1yhd8fvafwjcsjqvv52xq9shhshw5wme9y11gmqh4g9a00t8wvvyydsaxw91nzwm9gwrd2e82fqzhwx1k6kftztnvs0q4xbw1rhhaw1msxb04ys80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
cache-control
no-cache
cf-ray
7ea5beea0e3bbbe3-FRA
content-length
0
expires
-1

Redirect headers

Date
Fri, 21 Jul 2023 19:10:44 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1689966644_4ae9fd20-27fa-11ee-87f6-2265f034cf4c&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 9674 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=800&d=250&e=&g=2f88be73158720a9766a3c46f8b3be2e%2F3673517890145743693&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1689966644257&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gp140t5m7y1f7qnq3j3fz6d8php3qxbsf7ts879zjdkjgpp1mmxezaxvgt3gvwqvcbxpkgejwh165dv4e9a7hjcbqccsr7g9bgp7jxg3n6ng832b3khvtd9c9htn8wd614pwy29etzzfdk451krnp8pys6aqzvagra7wk80nd0es7xrt9rfy54ve5mqe3x10sbn7w5qkdjh9rahw2t80djx1phzjcc1xty6sy8bn04d83t7ne5dcjp319jhp8e8jn403t7egfpx5aak4mjy0fmt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569%2C23576%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=800&d=250&e=&g=2f88be73158720a9766a3c46f8b3be2e%2F3673517890145743693&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1689966644257&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gp140t5m7y1f7qnq3j3fz6d8php3qxbsf7ts879zjdkjgpp1mmxezaxvgt3gvwqvcbxpkgejwh165dv4e9a7hjcbqccsr7g9bgp7jxg3n6ng832b3khvtd9c9htn8wd614pwy29etzzfdk451krnp8pys6aqzvagra7wk80nd0es7xrt9rfy54ve5mqe3x10sbn7w5qkdjh9rahw2t80djx1phzjcc1xty6sy8bn04d83t7ne5dcjp319jhp8e8jn403t7egfpx5aak4mjy0fmt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
806257
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8cSAJCySP%2F36%2Bpo2ilsuOGCdnU5fQnoSokohWPuSNtUaP%2FKfZJh3kIdidp9YveQGgou%2BrriKnkIM3qXhZOWNas4BDIINY2VaOA3%2FBr7mygXFEtamqeSPZfxvNyBLCDCe02h1Ks2mJc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ea5bee8be0c1e30-FRA
expires
Fri, 21 Jul 2023 20:10:44 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 9674 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=800&d=250&e=&g=2f88be73158720a9766a3c46f8b3be2e%2F3673517890145743693&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1689966644257&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gp140t5m7y1f7qnq3j3fz6d8php3qxbsf7ts879zjdkjgpp1mmxezaxvgt3gvwqvcbxpkgejwh165dv4e9a7hjcbqccsr7g9bgp7jxg3n6ng832b3khvtd9c9htn8wd614pwy29etzzfdk451krnp8pys6aqzvagra7wk80nd0es7xrt9rfy54ve5mqe3x10sbn7w5qkdjh9rahw2t80djx1phzjcc1xty6sy8bn04d83t7ne5dcjp319jhp8e8jn403t7egfpx5aak4mjy0fmt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
858046
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuTUfscUw%2BWkBnmgi%2BBcL0ZPbF5XWo%2FdwSVDudweToe4UKGYcCzVcMDSglNnAq6at1i%2FriC1ltbzP6N%2Fu1NER3dnG2nbYRk4r4h2SVEhiz7A54UWQNjekAtZ0sq2Jke%2F%2F%2BwKb6FGZIUrH9hg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee8be111e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 9674 		253 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=800&d=250&e=&g=2f88be73158720a9766a3c46f8b3be2e%2F3673517890145743693&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1689966644257&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gp140t5m7y1f7qnq3j3fz6d8php3qxbsf7ts879zjdkjgpp1mmxezaxvgt3gvwqvcbxpkgejwh165dv4e9a7hjcbqccsr7g9bgp7jxg3n6ng832b3khvtd9c9htn8wd614pwy29etzzfdk451krnp8pys6aqzvagra7wk80nd0es7xrt9rfy54ve5mqe3x10sbn7w5qkdjh9rahw2t80djx1phzjcc1xty6sy8bn04d83t7ne5dcjp319jhp8e8jn403t7egfpx5aak4mjy0fmt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2495478
cf-polished
origFmt=png, origSize=431531
alt-svc
h3=":443"; ma=86400
content-length
259252
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Jun 2023 10:20:07 GMT
server
cloudflare
etag
"16f7fe8ce7119ba0f513f8179ecb2d3a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2Bw0OmdUmv6XYjPJazgsTXlTLSGAXaYKjeiXQuYuVn6jbmfp1%2FBzvs190P9jcg6t4XNtv41x6sVh4Pb8XgqBEJptTygOD0DascpEo5iWxSQCXtw2oCgIXfuWkZnYOZ6wmKFosle4v2sfDxqQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee8be1e1e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
cshow.php
www.awin1.com/ Frame 9674 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=800&d=250&e=&g=2f88be73158720a9766a3c46f8b3be2e%2F3673517890145743693&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1689966644257&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gp140t5m7y1f7qnq3j3fz6d8php3qxbsf7ts879zjdkjgpp1mmxezaxvgt3gvwqvcbxpkgejwh165dv4e9a7hjcbqccsr7g9bgp7jxg3n6ng832b3khvtd9c9htn8wd614pwy29etzzfdk451krnp8pys6aqzvagra7wk80nd0es7xrt9rfy54ve5mqe3x10sbn7w5qkdjh9rahw2t80djx1phzjcc1xty6sy8bn04d83t7ne5dcjp319jhp8e8jn403t7egfpx5aak4mjy0fmt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.77.35.11 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-35-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Jul 2023 19:10:44 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 9674 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=800&d=250&e=&g=2f88be73158720a9766a3c46f8b3be2e%2F3673517890145743693&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1689966644257&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gp140t5m7y1f7qnq3j3fz6d8php3qxbsf7ts879zjdkjgpp1mmxezaxvgt3gvwqvcbxpkgejwh165dv4e9a7hjcbqccsr7g9bgp7jxg3n6ng832b3khvtd9c9htn8wd614pwy29etzzfdk451krnp8pys6aqzvagra7wk80nd0es7xrt9rfy54ve5mqe3x10sbn7w5qkdjh9rahw2t80djx1phzjcc1xty6sy8bn04d83t7ne5dcjp319jhp8e8jn403t7egfpx5aak4mjy0fmt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1638544
cf-polished
origSize=115129, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
75430
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDZWlPqzfl6f0DXaUl26UWSLAnNt4jByxs%2BnXt4CtgcJVKnz3XZzqpX9Iy3n5K8yvUaP9U9mX1lzy8Dp5QV1yg1k3MYjtf1t6JEFRp%2BaAKXJ%2BW%2Fleq0MkaeG7K2cxP9y6fAX2WcUhJLnuwyH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee8be231e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 9674 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=800&d=250&e=&g=2f88be73158720a9766a3c46f8b3be2e%2F3673517890145743693&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1689966644257&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gp140t5m7y1f7qnq3j3fz6d8php3qxbsf7ts879zjdkjgpp1mmxezaxvgt3gvwqvcbxpkgejwh165dv4e9a7hjcbqccsr7g9bgp7jxg3n6ng832b3khvtd9c9htn8wd614pwy29etzzfdk451krnp8pys6aqzvagra7wk80nd0es7xrt9rfy54ve5mqe3x10sbn7w5qkdjh9rahw2t80djx1phzjcc1xty6sy8bn04d83t7ne5dcjp319jhp8e8jn403t7egfpx5aak4mjy0fmt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e031ee2b6307161e852ef731954de0f13930fb0c43596f11ce825aa6a0019a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2083999
cf-polished
degrade=85, origSize=132437, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
31747
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjV%2FBkokgg71NK4MZpFPywQF5QZVf8np8mrjmyGiJLa35kRAEZlhKukYClHiGMXdYyz43LzFcigdM50G3AV81f%2FAKvQS7q7G7RDgDfgFtKGtbusmM0zwrikWx0oDj2hy0FtdQOYpmhQqV8Ed"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee8be251e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
/
partner.o2online.de/a/ Frame 9674
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNrPo6zAoIADFRqQ_Qcd4qABLg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023072121104487051631067X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023072121104487051631067X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023072121104487051631067X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=800&d=250&e=&g=2f88be73158720a9766a3c46f8b3be2e%2F3673517890145743693&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1689966644257&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gp140t5m7y1f7qnq3j3fz6d8php3qxbsf7ts879zjdkjgpp1mmxezaxvgt3gvwqvcbxpkgejwh165dv4e9a7hjcbqccsr7g9bgp7jxg3n6ng832b3khvtd9c9htn8wd614pwy29etzzfdk451krnp8pys6aqzvagra7wk80nd0es7xrt9rfy54ve5mqe3x10sbn7w5qkdjh9rahw2t80djx1phzjcc1xty6sy8bn04d83t7ne5dcjp319jhp8e8jn403t7egfpx5aak4mjy0fmt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Fri, 21 Jul 2023 19:10:44 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023072121104487051631067X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023072121104487051631067X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
date
Fri, 21 Jul 2023 19:10:44 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 9674 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=800&d=250&e=&g=2f88be73158720a9766a3c46f8b3be2e%2F3673517890145743693&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1689966644257&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gp140t5m7y1f7qnq3j3fz6d8php3qxbsf7ts879zjdkjgpp1mmxezaxvgt3gvwqvcbxpkgejwh165dv4e9a7hjcbqccsr7g9bgp7jxg3n6ng832b3khvtd9c9htn8wd614pwy29etzzfdk451krnp8pys6aqzvagra7wk80nd0es7xrt9rfy54ve5mqe3x10sbn7w5qkdjh9rahw2t80djx1phzjcc1xty6sy8bn04d83t7ne5dcjp319jhp8e8jn403t7egfpx5aak4mjy0fmt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1640719
cf-polished
qual=85, origFmt=jpeg, origSize=58124
alt-svc
h3=":443"; ma=86400
content-length
9782
cf-bgj
imgq:85,h2pri
last-modified
Fri, 08 Jul 2022 10:19:52 GMT
server
cloudflare
etag
"b4342e277c43aad9c5020a04564bfd1e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOLc5rwSD4s9kPIiya10l28ul4liXPCQP8DkbK0MShd4Pb3skY2mIWtFBKGdr%2F39VZ7l05eXT%2FpE0RcO3x51Wm2QQoecTxCcOr2h2XBEYB02zCcnPnXayAuccsyT6QAk2UAjdIRtPoPtPWBl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee8be271e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame 9674 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=800&d=250&e=&g=2f88be73158720a9766a3c46f8b3be2e%2F3673517890145743693&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1689966644257&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gp140t5m7y1f7qnq3j3fz6d8php3qxbsf7ts879zjdkjgpp1mmxezaxvgt3gvwqvcbxpkgejwh165dv4e9a7hjcbqccsr7g9bgp7jxg3n6ng832b3khvtd9c9htn8wd614pwy29etzzfdk451krnp8pys6aqzvagra7wk80nd0es7xrt9rfy54ve5mqe3x10sbn7w5qkdjh9rahw2t80djx1phzjcc1xty6sy8bn04d83t7ne5dcjp319jhp8e8jn403t7egfpx5aak4mjy0fmt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7992882aa0838cd9d41c9e9bcef9e10576c790b9a325c060e2a8ab00922876

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1809614
cf-polished
degrade=85, origSize=176144, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
85317
cf-bgj
imgq:85,h2pri
last-modified
Wed, 26 Apr 2023 15:13:36 GMT
server
cloudflare
etag
"de500d9f72516b39943c63adb21d5ebe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6RrR%2B29jIgjXkgUBAw6J5yiRDBiU1lJ6uMCzYnG6KZ9dB%2B59Mn4rJxCW%2FoCgJ8UakBvECPfEWz7pE%2FEm3IaXpE62W%2BfgjFYSBAz%2BCiu5X6DqjVBeuPKkafzuGn1G0OXehGkAyc0O1Lgk3MU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee8be291e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame 9674 		0
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=800&d=250&e=&g=2f88be73158720a9766a3c46f8b3be2e%2F3673517890145743693&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1689966644257&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gp140t5m7y1f7qnq3j3fz6d8php3qxbsf7ts879zjdkjgpp1mmxezaxvgt3gvwqvcbxpkgejwh165dv4e9a7hjcbqccsr7g9bgp7jxg3n6ng832b3khvtd9c9htn8wd614pwy29etzzfdk451krnp8pys6aqzvagra7wk80nd0es7xrt9rfy54ve5mqe3x10sbn7w5qkdjh9rahw2t80djx1phzjcc1xty6sy8bn04d83t7ne5dcjp319jhp8e8jn403t7egfpx5aak4mjy0fmt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Fri, 21 Jul 2023 19:10:44 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
253A3AF6:8206_91EFC182:01BB_64BAD834_FB55F08:1ECFE
X-IPLB-Instance
40028
Vary
Origin
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame E970 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C183975%2C34719&b=YxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQ%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=q4VSmfWfbPBuZHgHDtRCXXxaeSgTA2japQ%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=4c6712363cc1126424080b1ca6a45b04%2F1009454974025483350&i=20774%2C20597%2C26474&j=14%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=13957%2C183975%2C34719&b=YxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQ%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=q4VSmfWfbPBuZHgHDtRCXXxaeSgTA2japQ%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=4c6712363cc1126424080b1ca6a45b04%2F1009454974025483350&i=20774%2C20597%2C26474&j=14%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
806257
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FoJraLCS%2BvsUl1rJnHUlIZuXuzfu2qvFs8K5kI1wP3RM5Te4z0RuDnbgUSF8Uw3Ah9oLG1ybaKfHdFfL4pLcyO0iparb9mB4nW1Gh2XeG%2Fh4Vvo37yaTmkoFmPKQb5EGNeeo5v%2FdHMo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ea5bee8be161e30-FRA
expires
Fri, 21 Jul 2023 20:10:44 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame E970 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C183975%2C34719&b=YxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQ%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=q4VSmfWfbPBuZHgHDtRCXXxaeSgTA2japQ%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=4c6712363cc1126424080b1ca6a45b04%2F1009454974025483350&i=20774%2C20597%2C26474&j=14%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1638544
cf-polished
origSize=115129, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
75430
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XWK1z65zqhztHlCYYwJnr8ZwT20WvQwO%2FzEwSkvAiLkcOJ2y8WNmG9FWZA%2BY6NMycNsAuZkmdiJ9pwqDNwF6OHuBKwmUqCL8lQT6HupE7b7hmCeFmvyndNn%2BsCTT1i%2FqhrCqsesn3i5PUIp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee8be191e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
assets.ad4m.at/product_image/ Frame E970 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C183975%2C34719&b=YxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQ%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=q4VSmfWfbPBuZHgHDtRCXXxaeSgTA2japQ%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=4c6712363cc1126424080b1ca6a45b04%2F1009454974025483350&i=20774%2C20597%2C26474&j=14%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1741370
cf-polished
qual=85, origFmt=jpeg, origSize=156576
alt-svc
h3=":443"; ma=86400
content-length
34068
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 Oct 2021 12:48:35 GMT
server
cloudflare
etag
"451fa9b02ae7953b9311aefac697be7e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huzx0bCVGbFfOnNmd4gZH6lK3MjaOLryNcsL0QKFd5IkAfjxCJq%2BhzIQ5O5uUZkwIPJlxQiCEDW%2BOqwTT%2FLn0HFzWgsOR8h5dmWW3U5l6Nh3GfBhNXr66SCmd6c9vHPfr6zdMCwM5lglr4Q8"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee8ce2c1e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
/
partner.o2online.de/a/ Frame E970
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CI-Uo6zAoIADFePzEQgdYFsEhQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidYxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidYxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023072121104487051631065X117683V1226132702MSviewoneidYxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQoneid__suite_N...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023072121104487051631065X117683V1226132702MSviewoneidYxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&cons=0&spid=2023072121104487051631065X117683V1226132702MSviewoneidYxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wfid=117683&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C183975%2C34719&b=YxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQ%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=q4VSmfWfbPBuZHgHDtRCXXxaeSgTA2japQ%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=4c6712363cc1126424080b1ca6a45b04%2F1009454974025483350&i=20774%2C20597%2C26474&j=14%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Fri, 21 Jul 2023 19:10:44 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023072121104487051631065X117683V1226132702MSviewoneidYxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&cons=0&spid=2023072121104487051631065X117683V1226132702MSviewoneidYxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wfid=117683&partnerid=12218
date
Fri, 21 Jul 2023 19:10:44 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame E970 		219 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C183975%2C34719&b=YxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQ%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=q4VSmfWfbPBuZHgHDtRCXXxaeSgTA2japQ%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=4c6712363cc1126424080b1ca6a45b04%2F1009454974025483350&i=20774%2C20597%2C26474&j=14%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ae6a18b973d0fbd53cd575408e3720cec1b94418b180ab6b83a82611eb1906

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1639217
cf-polished
origSize=233620, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
224653
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtPm5oiTgmrKsqE9c4JflZAAoLIku7lJrYBd%2BPJcx7a7f5%2BPoRbRnwi8k9GtEOrlzCTlkAbS4%2FCaTUelYWmJH8%2FalCoACZOgrXJGr7l%2FOdp5TSbE2E3EXsjWkTVQq3z7SrevIacseFiztTgW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee8ce321e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame E970 		637 KB
637 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C183975%2C34719&b=YxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQ%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=q4VSmfWfbPBuZHgHDtRCXXxaeSgTA2japQ%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=4c6712363cc1126424080b1ca6a45b04%2F1009454974025483350&i=20774%2C20597%2C26474&j=14%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1994429
cf-polished
origSize=731561, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
651990
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUSz9xu2BPjhiI5Z1pwzZ%2FSiyFKixgh9zvRFf5nw4GO3zJLypl5LIPZO7TZu6MbixDpnA0pfgrPLhDdEnDJPzYovbyxKoLwKA3P2fG6vOCR2PjLVbsowjeFqD5SPIZx4854AojNk5YfTnaIM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee8ce331e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame E970 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C183975%2C34719&b=YxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQ%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=q4VSmfWfbPBuZHgHDtRCXXxaeSgTA2japQ%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=4c6712363cc1126424080b1ca6a45b04%2F1009454974025483350&i=20774%2C20597%2C26474&j=14%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1640719
cf-polished
qual=85, origFmt=jpeg, origSize=58124
alt-svc
h3=":443"; ma=86400
content-length
9782
cf-bgj
imgq:85,h2pri
last-modified
Fri, 08 Jul 2022 10:19:52 GMT
server
cloudflare
etag
"b4342e277c43aad9c5020a04564bfd1e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omoFr58erZRIbKyZwd5kUkgwFyFwqRDTBr%2F0FC1vefpKxXk7cp1M9Ul7JRCAcRE47ZduRqaSRbL0MDbBJT6pmhQW0rQKK2%2FGhtd%2FkAZGlNIYQM%2FYQdY3tLA9EQo8Rw9byM7KGfNTbJ3ue3Ci"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee8ce351e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame E970 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C183975%2C34719&b=YxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQ%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=q4VSmfWfbPBuZHgHDtRCXXxaeSgTA2japQ%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=4c6712363cc1126424080b1ca6a45b04%2F1009454974025483350&i=20774%2C20597%2C26474&j=14%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7992882aa0838cd9d41c9e9bcef9e10576c790b9a325c060e2a8ab00922876

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1809614
cf-polished
degrade=85, origSize=176144, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
85317
cf-bgj
imgq:85,h2pri
last-modified
Wed, 26 Apr 2023 15:13:36 GMT
server
cloudflare
etag
"de500d9f72516b39943c63adb21d5ebe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4vVJytaQE7a%2FCT0BNj0NEBLqLM%2Bk7HZj1GSzIT3bdBuT3Q4Jzpl8%2F4uRKk%2FQKDZ7dbeMbGNAOu11zX11eOvNJuo5XJmUkyF43aRkHfOvhfJpElb5G6sQ%2FGKlDbpjkRqRzabU%2F1ACFe%2FS2aN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ea5bee8ce361e30-FRA
expires
Sat, 22 Jul 2023 19:10:44 GMT
2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame E970 		0
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C183975%2C34719&b=YxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQ%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=q4VSmfWfbPBuZHgHDtRCXXxaeSgTA2japQ%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=4c6712363cc1126424080b1ca6a45b04%2F1009454974025483350&i=20774%2C20597%2C26474&j=14%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Fri, 21 Jul 2023 19:10:44 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
253A3AF6:8208_91EFC182:01BB_64BAD834_FB3627E:1ECFC
X-IPLB-Instance
40028
Vary
Origin
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 19:10:44 GMT
link.html
track.webgains.com/ Frame E970 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hbmye29a3dvbq2v0phaymk1krps2s0f6s740mky7jrfw9m0s86amhkvymgw5fw5vcj1fwk8bxw4nr769hcd2dxzqn4n36sxjdkpqt12fcwt643f97342ya7d4tktwbakn9x624qq4fpqszh4j4nb80m55qw1vs5jkwkz8mzz0htq4sn44cwcy28wxm4gczvq07wwwt8tkqvrkgj7aqd73cy7kqmarkaz8cathgpjfpkp6ee3z58ppepn0akfpkyczr0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneidBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&viewref=oneidgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMPoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C183975%2C34719&b=YxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQ%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=q4VSmfWfbPBuZHgHDtRCXXxaeSgTA2japQ%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=4c6712363cc1126424080b1ca6a45b04%2F1009454974025483350&i=20774%2C20597%2C26474&j=14%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.113.28 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-113-28.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
server
awselb/2.0
content-length
45
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 483E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1276
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 18:49:28 GMT
expires
Sat, 20 Jul 2024 18:49:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1FFC 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d5b4220c763cf3969a312deb7c95adeee817351a6c1b5485cf7c607199a496b6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JEnrHhIN42KLs7rbPk9UMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.paleohacks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-JEnrHhIN42KLs7rbPk9UMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 21 Jul 2023 19:10:44 GMT
expires
Fri, 21 Jul 2023 19:10:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
pagead2.googlesyndication.com/bg/ Frame 483E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 06:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
45185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14598
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Jul 2024 06:37:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1FFC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307110101&jk=1445756710213098&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 483E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?GvlUYg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 19:10:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3342 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8WSANWZPs3VuU6RRBQeRgA4sa2KC-KvLureznFs_b5z11sosaMMaxwFTQvHZhOYhto2iwt8sjHs30vYCp3hKXeHD1&sig=Cg0ArKJSzFLwDX1vSi3dEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3129430941&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689966643905&rpt=145&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 02DE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAZ8ZR9N7ddjXsqZ4yKvWWbB5TJLLOylZoa48CifkyUQROhck4Vru9fnUsljNVHJgbPrXzK-6T9Yfe81FqyWiQfcr1&sig=Cg0ArKJSzOrgyZ_VN6uVEAE&id=lidar2&mcvt=1002&p=1110,436,1200,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2912191614&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689966643846&rpt=177&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 19:10:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307110101&jk=1445756710213098&bg=!r6ylrPjNAAZsPphkTD47ADkAdvg8WvotODfXzV47DyaFyxrZtVfUnYstV1BbK4GJirzQ6CVzPoO0SI-TRc4SmjgHe5vXFjN3wngCAAAAS1IAAAAFaAEHmQLzOpAZbIRhcstqVQTe1Om1KO6uNsUtAXgytBCpfn2TBOWG_dCU6f_AJ5mSXpSC5j7nzkLLQ1trlB2TbUsrGDyNEA18BO4fA4j1e0Pi5lY5MOHrxkpNpZ4MEeUWBlyqNq-SNT9gtpXbL2Q8g6KWI6wl9yZKBTRrnUg5PYyK_lGYhx9qY55-e7Lc8NteqBE9Acuni87mVgbyld223TZ2536Ktix7in0hckhoAsoQSEhFOUZFFtMRrKBzgWNiAII-RN03G1iKa7SDUM_LMx_UUNiKPyuhk_H0R1YNF7gozfk_phZ5FU4CbodWiws-0EiMIQbA9aG4KNjjE74ZtgTHTNvHIaji45DLW7crBwGB5z-jjgfA2LnYZZrYszO6cyCicTu6OW9_gUMtpbPbkGzKOjP-msdXpGkXhfIxwiS-jxXN9aEhAH9QNJwX6DUyF3BMVBTva05X7hF-XzjubdTU6AbGWHvaOljr5GRceaqc0mcEveOgCNewt1R3Ej5Ffwx2a9gRYCwKNExIh3WdefpiPMLn1eucvvtDf08G89mK1nYVsNz0hOWdpIpadIPBWBigHKl1spiSMK6tMbLZiwt6hVqq2ZUsvJbhPmcXup4nImMiXLZDO3wn1kdBMLU3opZF5opk_ZtiJHnmUe1jycuG5wF9l4fb0bxMpXLfJNCjl1g2CwERWqA-ZkP1RCfqmzXQ5sF0Dz-23s1aUGkrxAjRxxUWWpfZfuPYWLjUMjSRhNLdyVyLboB9B3J6vBHOtUkfKunCMAieQ34f2dsxRzhyIQksd1dODIC4ChiOihcEoLUGNKReb8tKg1MGpjsWbl13WaC875OGK8yRXHq5GAvfTaUph7_4B7oSFzy6KwYpUIbyyFRsPTT19vw05mJxrTxmE_smk5GJBFiCOyxjwZIWoJwtUyQHnNwSRb7hO7IJi8SHDosAfWI2CASCKupPcVNKKgoIGIyRHFa0vDYyBGlOzCy4kEj3OWaBUQi559A4bd27dgm7sIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.paleohacks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
/
api-js.mixpanel.com/track/ 		25 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1689966646090
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://blog.paleohacks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 21 Jul 2023 19:10:46 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://blog.paleohacks.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
23
access-control-allow-headers
X-Requested-With
content-length
25
alt-svc
clear

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.ipify.org
URL
https://api.ipify.org/?format=json
Domain
api.ipify.org
URL
https://api.ipify.org/?format=json
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEISZ634hCRZMlqGr-z51PFo&google_cver=1&google_push=AaAOQGFWex_e6Cz3JSWomsedl6dh2pH0Gqa3MF-x2w6SoQ81s6qP9i2JUCCu-IznW5v4RAUbkOaoXun_W_JG9hT4tDbboB1xTi9SZ88

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| gform string| gtm4wp_datalayer_name object| dataLayer function| advanced_ads_ready function| $ function| jQuery object| advads_options object| advads object| ct_ultimate_gdpr_cookie_list object| advanced_ads_pro_ajax_object object| advanced_ads_pro object| advads_pro_utils object| Advads_passive_cb_Conditions object| advanced_ads_group_refresh function| Advads_passive_cb_Placement function| Advads_passive_cb_Ad function| Advads_passive_cb_Group function| advads_postscribe object| head object| script function| powerpress_pinw object| dataLayer_content object| advadsCfpQueue function| advadsCfpAd object| googletag object| _mNHandle string| medianet_versionId object| FB object| __buffer object| _mN object| _mNSrv function| setup undefined| _mN_ctr string| _mN_Idf string| _mN_ctrM function| _lr function| _ld object| _mNDetails undefined| _mNE object| google_tag_manager object| google_tag_data object| GooglebQhCsO string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _fbq_gtm_ids function| pintrk object| mixpanel object| ggeac object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady undefined| google_measure_js_timing function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id boolean| safetyCheck function| showFancyLeadboxes object| LEADBOX function| checkGeolocation function| hideCookiePopupUSA object| ct_ultimate_gdpr_cookie object| shared_counts number| PIN_19559 object| paleo_popup function| show_optin function| setCookie function| getCookie object| advanced_ads_sticky_settings function| advanced_ads_sticky_check_position_fixed object| addComment function| ga_skiplinks object| maiVars function| _maiGetHashElement function| _maiGlobalFunctions object| bodyScrollLock object| jQuery1124041145070102324 object| basicScroll object| maiScroll object| sso_js_array function| SSPOPopenDialog function| sspop_PinterestCloseCallback function| sspop_FacebookCloseCallback function| sspop_TwitterCloseCallback function| sspop_OtherMediaCloseCallback function| sspop_createCookie function| sspop_readCookie function| sspop_eraseCookie function| sspop_show_after_fblikepop function| sspop_show_after_follow_pin object| advads_ajax_queries object| advads_has_ads object| advads_ajax_queries_args object| PIN_1689966641434 string| value object| key object| PinUtils boolean| __attnLoaded object| attn_d0x0b_evt object| attentive string| __attentive_domain object| __attentive object| __attentive_cfg boolean| __poll_for_path_change string| attn_d0x0b_cfg object| advads_passive_ads object| advads_passive_groups object| advads_passive_placements object| advads_placement_tests object| advads_js_items object| advadsProCfp function| formFrameClosed object| ae417310535411e38f960800200c9a66 string| apiURL function| getUrlParameter function| getTheCookie string| sPageURL object| sURLVariables string| activity_id undefined| client_ip_address object| sParameterName object| advanced_ads_sticky_items object| GoogleGcLKhOms object| google_image_requests

58 Cookies

Domain/Path Name / Value
blog.paleohacks.com/protein-smoothies Name: phvid
Value: 155746179
links.paleohacks-mailing.com/ Name: _session_id
Value: ea4304d73b38961c2c58830394a604e7
.paleohacks.com/ Name: _gid
Value: GA1.2.906201907.1689966641
.paleohacks.com/ Name: _gat_UA-42752472-1
Value: 1
.paleohacks.com/ Name: mp_094f94d6c32bfa82583bca2dbfc9eb1a_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18979dc7fc5e29-0526e7b4bc8575-693c5154-1d4c00-18979dc7fc5e29%22%2C%22%24device_id%22%3A%20%2218979dc7fc5e29-0526e7b4bc8575-693c5154-1d4c00-18979dc7fc5e29%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.paleohacks.com/ Name: _ga_QMKQQWEFHC
Value: GS1.1.1689966641.1.0.1689966641.60.0.0
.paleohacks.com/ Name: _fbp
Value: fb.1.1689966641185.7796007
.paleohacks.com/ Name: _dc_gtm_UA-81910700-1
Value: 1
.blog.paleohacks.com/ Name: _pin_unauth
Value: dWlkPVpqUTRPRFZtWm1JdE5tTm1ZeTAwTnpBNUxXSXhOMll0T1dKa1pXUm1abVF3TkRVNA
blog.paleohacks.com/ Name: session_depth
Value: blog.paleohacks.com%3D1%7C726657258%3D1
.doubleclick.net/ Name: IDE
Value: AHWqTUl3MTpnBEOpAO30Wu8D-kQ9DCuUIwOap8obGxFeXn7y8rCcDkstVNlF_8YkmM8
.paleohacks.com/ Name: _ga
Value: GA1.2.1509868738.1689966641
.paleohacks.com/ Name: __gads
Value: ID=5e31b3aa8e0a61a9:T=1689966641:RT=1689966641:S=ALNI_MZKnnmKN3BnHMRwTnwqnbZioeJAEQ
.paleohacks.com/ Name: __gpi
Value: UID=00000c426ed18a24:T=1689966641:RT=1689966641:S=ALNI_MZg3PY6I9PPaKYXcAN8ZjIOcNhlgg
.w55c.net/ Name: wfivefivec
Value: VJAeKfh71QmVwt5
.adfarm1.adition.com/ Name: UserID1
Value: 7258351454442223759
.w55c.net/ Name: matchgoogle
Value: 5
.turn.com/ Name: uid
Value: 8522467970914790879
.innovid.com/ Name: uuid
Value: 34ed52d9-b935-4912-958e-64b8bd54e6bc-20230721 15:10:41
.paleohacks.com/ Name: __attentive_id
Value: 09fc05f232004f9084a2136c7f08f3ea
.paleohacks.com/ Name: _attn_
Value: eyJ1Ijoie1wiY29cIjoxNjg5OTY2NjQyMjQ0LFwidW9cIjoxNjg5OTY2NjQyMjQ0LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjA5ZmMwNWYyMzIwMDRmOTA4NGEyMTM2YzdmMDhmM2VhXCJ9In0=
blog.paleohacks.com/ Name: __attentive_cco
Value: 1689966642245
.paleohacks.com/ Name: __attentive_pv
Value: 1
.paleohacks.com/ Name: __attentive_ss_referrer
Value: ORGANIC
.paleohacks.com/ Name: __attentive_dv
Value: 1
blog.paleohacks.com/ Name: ph-popup
Value: shown
blog.paleohacks.com/ Name: advanced_ads_pro_server_info
Value: %7B%22vc_cache_reset%22%3A0%7D
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%225176F4F7-6956-4826-8BAC-E27AC29BA32A%22%7D
.quantserve.com/ Name: d
Value: EHMBCQHCKYEA
.quantserve.com/ Name: mc
Value: 64bad834-05245-7d0f1-4e280
.mathtag.com/ Name: mt_mop
Value: 4:1689966644
.blismedia.com/ Name: b
Value: 64BAD834B271BABFBF27B9DEBLIS
.ctnsnet.com/ Name: cid_0f8153dc3216470a8474fe519448c857
Value: 1
.ctnsnet.com/ Name: gid_CAESELwki-cOh_Saef214yyFVs0
Value: 1
.ctnsnet.com/ Name: cid_88e0bafad4f24602b7f597e2e491bf8b
Value: 1
.simpli.fi/ Name: suid
Value: F71BD05E10CB4F6CA1DE932D4CA8FDBA
.yahoo.com/ Name: A3
Value: d=AQABBDTYumQCEFgYRpArcxqE6xIoDOF8ztIFEgEBAQEpvGTEZAAAAAAA_eMAAA&S=AQAAAgwTLj18IAJdFRtphTVrUrA
.adform.net/ Name: C
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: adntuJuyTYEBErv6Y7og74FGrHIxxZbJbe6NaxcHF9Lbjfx0G2j8EQ0vKliZbeGZdNiO45QEaxIi1xEAmpSlPBk2Bn8
.bidswitch.net/ Name: c
Value: 1689966644
.bidswitch.net/ Name: tuuid_lu
Value: 1689966644
.adform.net/ Name: uid
Value: 4185617582247235919
.bidswitch.net/ Name: tuuid
Value: 1240fe8b-922d-477d-81c5-32d4a48b727a
.bidswitch.net/ Name: google_push
Value: AaAOQGHZ-YOImzs5P_y9SOv55MrDJbTEDw8lxbRpNHnqt_0zERXG60KE0DoRWcYb8zAbCRhxroi06WMZWNoK3LAx5ayTZpa4EkPXNkQE
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZLrYNAACjqOtZQA_
.doubleclick.net/ Name: APC
Value: Aa3gxNpIdGadKNQARzEuZ-Ws07zNrpuq6qdvNlrJ1lrgZDqbqiOkKg
.awin1.com/ Name: awpv20044
Value: 412871|1689966644|4ae8c4a0-27fa-11ee-9f97-223306a13768
.awin1.com/ Name: awpv11354
Value: 412871|1689966644|4ae9fd20-27fa-11ee-87f6-2265f034cf4c
.awin1.com/ Name: AWSESS
Value: 377129:2470185
www.conrad.de/ Name: HTLP_timestamp
Value: 1689966644828
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: YWtDpMdTkw0HpwzL2ZQ7osYRxBEuAU5xb4f9pehgU.s-1689966644-0-AXys2vdlC2MQP4zC29ApVYXcEQtafrGFpPQW9lF5QetI7gVXupeR9kb9qcJV1iyRZwHNPWq+gWzehJ/zrADGsMg=
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY4OTk2NjY0NHZsZWExZGUyMDIzMDcyMTIxMTA0NDg3MDUxNjMxMDYxWDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWRSNVhmZ2Y2UUZYMjdUa0h3SDN0UXRkZEFGd1R6VDdnczdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTEzNzUy
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023072121104487051631061X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY4OTk2NjY0NHZsZWExZGUyMDIzMDcyMTIxMTA0NDg3MDUxNjMxMDYxWDExMzc1MlYxMjI1MTMxMTA2T
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY4OTk2NjY0NHZsZWExZGUyMDIzMDcyMTIxMTA0NDg3MDUxNjMxMDY5WDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWQ3MnhjcWZnekhqWG1ydXJIWEhndEF0VlZlZkdUMVRNSkNNb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzcwMw
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023072121104487051631069X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY4OTk2NjY0NHZsZWExZGUyMDIzMDcyMTIxMTA0NDg3MDUxNjMxMDY5WDExNzcwM1YxMjI2MTMyNzAyT

32 Console Messages

Source Level URL
Text
security error URL: https://as.ad4m.at/ad/dr?ed=1httgmjmr6vqywqsb2v6k0bmdxgphhbveewss28mr1bhsr8tj0kapj9bmegjmqpf7vrd2a0wjrsbakrhkefz7n1a6ctc8p76sb0fxx0nc154m3kyawvh0y3k2x8ck0eqzdpvtfr525pnr99f29yjxjyhbttmznb0brfhbjv5gweam1zapq8w4a9v76nc1fp37gx8capsyz6zg9zrab6as1sa2b4nxs59q8g380ehz0hw19cnq5bb7f72ghhn95s0eqxg8k289fx4fe01acj5at1nt725j0mrwmbm5w9gemxg25vev0813j4vv0tndyhcrvqzpqcdxwjeaq1ck73eczewhy9ftfrb6ccc8bvhtf14n37dvdhj5603f5fqhj0vw3k74vwxr1146mt69bwe4ypxj2w9qx5r7sphndf2efwjzb5p32q0001w9zbkhdnf3hb7s2pa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%26client%3Dca-pub-5144389657785565%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
network error URL: https://api.ipify.org/?format=json
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=392ec81b69420783db767c07ffdbfebe%2F6022338115397866070&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1689966641726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxdwfq6h178364rk071zyp7ws379rd1v8nnfq78tk99c0pcvf4bvvm489xk7fbnt3vb1fxcajeya0y1z603h9f840jfwrgapajrh6j8v68gs3rc1fz1z42p394dhm9atsc9rvksqf7rjt8hp4t92ppjpb90aqh0yhrjav2xtv8rdk0fq1791vy93e0sbws61dpc620czktqbbtn04kq03rvmvrfpjg7a91wzv7ptfyge8ynmeh1jdymwdg5edrw78nwc8b9mvegd7jp99jxagm4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCn8SPMdi6ZPWnDYvygAf5p5rAA5DhgYRctqjCivACwI23ARABIABglYKAgLQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnlbeIAqqLI-4AIAqAMByAMCqgSKAk_QqJI-ptbxgyp-4NNH-I4QOJi37aZsbupnaLO-dtLrE_djFhYsZix2uVyXjA9kISs_mItqlr0k5mfkDEE1NJWlITRuIzE_QnXD8pW0GD7e_HL9OV4C19NcZU_HGEk749q8VeJt0j4PmcXsnPMcU4F8fzomeIdaDAni8-7AT2xppiAF9O-CiEYEdai91fhGm5letZXdHScq9F5-aQbgPHNWyzJ3h3qHCPmn0YxM0Jwv0uaXiXMLd84-5RcVPYXFEqShCrBum8nJloO2hfT5L9InAx1dxp_LMAK7a8aH_K_NsV3jBMosL0IKDVw8qXrxtS-ghX6jyYUx8WcfKzL8xY5txMlco02IiuBw4AQBgAa30KrL2bTPoU2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0K5pXqbtJxp_ExzJAWbt7vL3QJDw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
network error URL: https://paleohacks.lpages.co/leadbox/1434c2873f72a2%3A13300845e746dc/5697423099822080/?lp-in-iframe=1&mpcampaignid=10048221&__fromjs=1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://paleohacks.lpages.co/leadbox/1434c2873f72a2%3A13300845e746dc/5697423099822080/?lp-in-iframe=1&mpcampaignid=10048221&__fromjs=1
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://as.ad4m.at/ad/dr?ed=1jfzq3n978rqhz86vaq04bv946wt4kakznvhrfj58mxfwnqdzw8pcbxecn68ajbh1khfaszv6zwbebj4jew7699gp0spr63z3fmty5zxsy8qejv45aar81wd8e1mt65vfxg7zwephjh8qjc54c8z2dk1eat7yshnxp1n8f0xdjnzjynh952cwpbe0ehq8m0qj7gh0mfrs682ev1vjt1zz4sxmdzzcr5d3fdr6wfzxea36fxzaj9djtqzvkkdf4kt59wj1bj5k39p5gm9gsk29whw3pxy779wg8nkr6597c9wj2qw7nvh4ke3x7zqxgbpeqwq23y0er17qccv7t3aq94g477qbgwfw4xhg5z453xk02tck7m0ka5qp2rkym990ewna1mf74yf623pf5my8dh1e4q5tserbjyn5z52tgm1saq3fd80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%26client%3Dca-pub-5144389657785565%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/dr?ed=1ke5scfjqadcvm9g58s9zas2wddcprec5tzrcawqmvp9wt53jf6axed26mw81d11791vbe09nyapc93qgcdwsctk5dac8gc37h4qjaj0yjpfdrv7qam84s41akw7dmqk2d1pbkybn79w6apzx224cc7m6ba6ykwbxes8v9d9fdzs9gjpqcqyw41xed6ht0bhvgcdvecpw6hh7jxgnre7b6j1jjwygyjmav857tn26ey7wzejddy0yeydrx993ea7wec75w9e2y6ta9a1txp6z386mwf3kmpgcs1qy8avs8evh18nhn1w9ta8yb8r037vszqahza4r5m8cstjmx55k9a4gdbjt1rp28qrkfgc4ssq534qvm0qfd07hrqnkpwf90swg4w2grg2v86mdgbd9kmzqys6mw54068x8yrmxj3m4y65&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%26client%3Dca-pub-5144389657785565%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/dr?ed=1hnb3jc6p52zbbncd6w6rjf9k1870qedcjh22p1j70jzxfc17xw82x9ad2adyss98f125h2b4pjp4yvmx60y0dpqwgpsbxabbzcb1xs0nbvr3w8k7ebtag5nsr9mecqxpvx8c2am39f5fza9d41d98fd8299kprm3nn4ysa0c98awpen24w5cw6excry7gbyv0vjx3w3q4bjpgmza02zd1tkwpygks6pprn1669s1yzdegm4p2kdc21722t8c7p4d6732gsfpwgrcf0s61nzsz3k44v01f1w5sv0c76nesxgqyjn4q84qae9pcn91g0x9v3tv1mpep2ek7v79jawx4dqn0pgyyvs6kma9s9zc48d8xd0g502x833dc4w9gq2t2z862cd0wmnybcnzc8gj8ydwzrw7rdf693exrxf474cs85eryjhx15726aymajh4gzkd605k4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%26client%3Dca-pub-5144389657785565%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/dr?ed=1kn6tt5qnee1w41yyj2y27wx8yqfecjvn0h5cs1a83b425temq8tpq399qr0vsr979xy7zzf5ajpxmw2s01x2z502f90j2ffahhexkhf3t0at797ben0b9xhyx3n3skfbj8t2keaw7q5ffqx57btkfznssjxt4mgk6amfcnymf2knwsy5hz4jc9epbv5r0nehhs4m6s8ckphgbptk9ed3hdvgytap10mqxa79av3vxysys03hjpvhtbacjs83h3qwjybhanca0etswy4zs8knbjavp0rrwzwtdsnvg20hfcb4kspt9hb100awyap91tcc1p4rb41ry604n5gns90qwv3sbks1srnnrdz9rvgg2xwng7k0pqddn237eg6s0m8sgf2dr3m4v5bdpstafnfn7a14zacjf4dj21waannen6va12k&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%26client%3Dca-pub-5144389657785565%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C117569&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=728&d=90&e=&g=d1d0b3cb090a29805ed3c9b1ca5df8db%2F7193449840633158726&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1689966644160&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jv522n7hz5mt4d4a810qyv41jvw2ddrb2vxyxhjpdhp8vgjs6e1bpm3afp96vn0sgsypmrf7axhvqn86jq7pm4mje7zxa1w5971b0qwtkyrhb7776051a3frmephv6ck6aracg4vhxxegf9n3f1kytcwnm9q9yxhq1rgzrfy4mez4w6nrawmw32srmrtz8zg0jvaf3429xxnpk94d7y49bz8sap7q64nnbypbvked961z1xg312nqrzgf4d44qq4tdn6k0x34716cftc0kg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8P5aM9i6ZIe_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgAJP0GHWMcR81Ylc3pgp46uQKqTkWb6HhmzxVcxwi6gxI6xlNRcGlUGTr2dkozjEvaItsvNdYCak_ZEJgwR0u20ySDRCX7k813XVI10T2GB8gDjKaNhyiZglCB8c1ihqDpLS6bSQrcaBdV4DGiaz008ZL9_4lH7YIxeZqgqieoP0MuwFv_x9dX_KyfZ9zna5BYB-jAG7UjgCp97MUGuKU1Ppga3immHuI7TzLCGU-QAgMrINhLvFzKNUYYVlS_46XA7m-mqdFjTZYomYCvoiWwRwqMlJ4eh-ZxLaNf5Qn_2alBWcDaHh9It0XNAdFSwMMeGWi6JlI5fkSQSg7XTavVfe4AQBgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2YXOyBCuxPX0M8hb04dTiy3pGF_Q%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=300&d=50&e=&g=553bc22f9e04fe0ee8d6f54e31b87b70%2F3308937503420575864&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hxm7zw2mhzcery9e1jb43n1h3jj4yrtfv3j91smnkm02478zh2m05qz5qzvjkcnnx1hfdgke66ygtcqvmfs9rp4ea67ad7q0gtz7pgmpgk9e5d9jmxfgtxzfkjk1hy6wbtx0awh065ef4xphccm55jfe6jmrm4841q1yhd8fvafwjcsjqvv52xq9shhshw5wme9y11gmqh4g9a00t8wvvyydsaxw91nzwm9gwrd2e82fqzhwx1k6kftztnvs0q4xbw1rhhaw1msxb04ys80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-5VpM9i6ZIq_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoElAJP0BErL4Qz4KYSSOSfO-TxjYSJw6a68vKcJkBTx4F3YkdKi0S94QdX7n1qrcA-myZ0-Fkqb0G4Jzmt_tYMpUs14JBeVbzr7wlmoLzshjQv4n5M5ezMOub12oGMlWD5NcgOi26D0DnZqaImaRu5hSW9zLR9VzK4HP-soRHzziv7UnVbUKqdCMGRqWSkQr2zaUmsBGV-r26bHOJZCwBc3xckK9aimFg5eTyG641KEfcQv2_5P4MlHe54JOrztY7bNiBhmsbIr-nitdyAxca98dyaosJZREDgcwoLReT775VmZ7v5aFi3X4VjTcpBhpm_Vzs8FvbkUeFpYzS5qWvJxpmeOvDemvxMWod1QP6Ad6CSpelEnWngBAGABpbepJTeoYKahgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3mqg9F4Pgi-eWOuF2wC9YBDx76Gw%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=117569%2C23576%2C34719&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2CKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CkkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=800&d=250&e=&g=2f88be73158720a9766a3c46f8b3be2e%2F3673517890145743693&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1689966644257&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gp140t5m7y1f7qnq3j3fz6d8php3qxbsf7ts879zjdkjgpp1mmxezaxvgt3gvwqvcbxpkgejwh165dv4e9a7hjcbqccsr7g9bgp7jxg3n6ng832b3khvtd9c9htn8wd614pwy29etzzfdk451krnp8pys6aqzvagra7wk80nd0es7xrt9rfy54ve5mqe3x10sbn7w5qkdjh9rahw2t80djx1phzjcc1xty6sy8bn04d83t7ne5dcjp319jhp8e8jn403t7egfpx5aak4mjy0fmt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiT-SM9i6ZIm_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEigJP0MyASFGl1c5ginUxYDANj1F2ylqaEEg7IT9maQIdqW4bARAt_XtQHBvEJu3MiHw3g7c8tMQhPzFQwIsvzbqIRHp4qAgUt4euCG_x4JfCMwx7_hvy2s4M-q_uxwyM7ICimDCfNPTrVZdDk0WsExIq0n0OWTGwXdst00EDxQwO3aQ_vQOW-2CElQLmc7LbmbKHsZLeZgF5xcMDM1Crw6028WjFE-f2U8h5QMXoIWmNGYeL-dNWwwri4jAC-naGZpIdPVsusT7sL_FOu5Do617PSwAPxqSYIPnoSUGh4sT3NPrqV7MHd2BMkjr_jOGP4h-U860PWrR9TolKNsFUchZqmrzZmkGG_PjRWeAEAYAGkvWh6ZqGvtcWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0yKEy7pq4STHDcHe-LdYt2quKDFg%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=13957%2C183975%2C34719&b=YxGfrf3f9RxFVH9HetQtRR8ckS1T4pJcJQ%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=q4VSmfWfbPBuZHgHDtRCXXxaeSgTA2japQ%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=728&d=90&e=&g=4c6712363cc1126424080b1ca6a45b04%2F1009454974025483350&i=20774%2C20597%2C26474&j=14%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1689966644256&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
network error URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hbmye29a3dvbq2v0phaymk1krps2s0f6s740mky7jrfw9m0s86amhkvymgw5fw5vcj1fwk8bxw4nr769hcd2dxzqn4n36sxjdkpqt12fcwt643f97342ya7d4tktwbakn9x624qq4fpqszh4j4nb80m55qw1vs5jkwkz8mzz0htq4sn44cwcy28wxm4gczvq07wwwt8tkqvrkgj7aqd73cy7kqmarkaz8cathgpjfpkp6ee3z58ppepn0akfpkyczr0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g06wskc7mphr6eketntsjk2mk7b6w5w7rw4mqhzqbsedgceh1qzj01xvxxmm12j2jm12vje1xzvbq25hzs6tfc11x2bejcjktqhkp1tnbfvam6gyp0nfvc2dfq278bgzx3we3dwjzjb7dgtzsxg03czegh32z5s54wb73stdnw6bhr19qba3b591s586ws18ttet3jznv9px852tjnjpyradz9swmfvr426gkh90sas5p2w49rwaqn8y9mndzsndp2tz2v0n272k8e6g93g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvevWM9i6ZIi_J9yt9u8P68CQoA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01MTQ0Mzg5NjU3Nzg1NTY1yAEJqQJ5W3iAKqiyPuACAKgDAcgDAqoEgQJP0F1pO3yX67ZzeK1a9e8mcP7zqajDgx-vVyjCHkUr2fBiDi1fWwR1Q9Z9FymkY3BlVDAAikbKp1gkb6bse2j9kLbI5vcHSYG0NVpTHy8pqn34nb7fcQgCrGFa8RtQtE6yhLp0ccXYR4F40XaC6eLeMVD9UcmRSrZz773Wp7ob0ybSCdywsKlRQ2GLel2IN5Nhv-ypp9zjAzJ0kyL5jY9wG-NSi_KUikurnIMMttHBSpxFWUJAxK8K8T_HcrpCO-I4ENnOJLoBJXb-AfOAYc0MlD2ArxifhvDeDqS7p1UAAu2rTtlzjEWMhDi3DbT2kjMPtNJvcm7vmM2z2ViYVWUDV-AEAYAGhpG7mv_1zaN4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1Vle0Y0JIAlvdm_9HUfcsqcQBCgA%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneidBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&viewref=oneidgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMPoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

178194.tracking.hyros.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.travelaudience.com
adservice.google.com
ag.innovid.com
analytics.webgains.io
api-js.mixpanel.com
api.ipify.org
api.webgains.io
as.ad4m.at
assets.ad4m.at
assets.pinterest.com
blog.paleohacks.com
c1.adform.net
c2194b6934c42fa6558434b4fd9e4d3b.safeframe.googlesyndication.com
cdn.attn.tv
cdn.mxpnl.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
ct.pinterest.com
d39ziaow49lrgk.cloudfront.net
dis.criteo.com
dsp.adfarm1.adition.com
events.attentivemobile.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
lg3.media.net
links.paleohacks-mailing.com
log.pinterest.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
paleohacks.attn.tv
paleohacks.lpages.co
partner.blau.de
partner.o2online.de
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
region1.analytics.google.com
s.pinimg.com
s.tribalfusion.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
track.mypaleorecipe.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
api.ipify.org
googlecm.hit.gemius.pl
104.18.37.231
104.18.43.48
104.77.35.11
142.250.184.226
142.250.185.198
145.239.193.130
151.101.128.84
151.101.194.49
167.233.13.224
178.250.7.11
18.134.113.28
18.66.147.41
18.66.26.110
184.30.24.22
185.29.132.241
2001:4860:4802:32::36
2001:4860:4802:36::178
2001:678:cb4:bbbb::11
23.206.208.183
23.32.185.35
2600:1901:0:498c::
2600:1901:0:76b9::
2600:9000:225a:7600:6:66ad:d100:21
2600:9000:225f:b000:1c:9484:cec0:93a1
2606:4700:10::6816:12c
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6812:18ad
2606:4700::6812:7f05
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:802::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:400c:c00::9d
2a02:26f0:480:5a1::1931
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:d29:3605:cb40:4a86:732c:5dc5
2a05:d01c:1d8:8100:141f:37a7:c589:e0b2
2a06:98c1:3120::3
3.11.66.180
3.120.241.163
3.33.220.150
34.198.79.246
34.96.105.8
35.186.193.173
35.186.241.51
35.190.0.66
35.202.21.90
35.204.74.118
35.238.129.105
37.157.6.241
51.89.9.252
52.28.142.138
64.185.227.156
84.200.5.215
85.114.159.93
95.101.148.20
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
0128e563cfdd4beabe1edf1488c57094072f85cec6219dd04a3fb2be5d37cf84
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
0464715c4c43f82ddcc164d56fba69897559251056a05b34b0e7daff43222ab2
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca1c9f5af182f656194cb2979f3973df5cb0a003d3bd38c2cb08a7ac042e4ed
0dde316c3d9f75d80bbdbceac417f7c6f424bf661774de611e048189e2d3879d
0deefdb7baa1ccf6d66bc78da5add142a5130caff7062e062c5a00d23f3e7380
10e4263a3d186abe0dc93a846313bcc2afad986c721d7298447c897ceda52ef3
11715aec7f7cf76332d464d65a2ce85ed2c12fc4a90cadf0e191418af2df3d7e
1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92
159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434
15d7b13e7c438f4fb9c6b2f9940e9193c9a25c1bb1ed4625d1badbac8882db2f
16154b9f51ea5424301cac6740a8ce906699e9f0330334034c56f054b50beb29
17d9ce1c35e5b33820bbf311fa3c73d6d986430b6d676d6c07f820a7f46e7b03
1838efd1e3c2c5105de4c7fcac86ce290c80fedb89d4131e1d990ff4a9d4e83f
18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082
18e68f82c8bb97595ed34c4a03b66a68007bfebe86c702c6939299eebac01446
194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88
1a6778639759f20ac4c647b91f5620427756b3b59a3d1e05b544a90a75e4bf8c
1ccd8afe56f0b455bba1b1ccba0eef363becc19167f7f2c4ba5e99c503311ead
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d39eb8237d1eba013490c4a984b23fa6945db6a75d6aa61af8bf0f3387594ab
20b7a33246e7f01900b8553817e02266d77b49365d011716f8411d12612ea54d
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
2193d80bc4cefdb76a09ddac0d68f4cde201a2e0dc51155eb48686c199d880d1
21f25f7bc7b9666cbf2a6dff9d5e82c5f8ca9b60afda6726fa78e8f80ab32f56
222e024a119ff514e245cc07990f912a400c337efce19b567a6661d23c310938
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
28231c5458fd9cb480d00d3a971a9134dddffa2a54aab14ea6ddace5ef739f12
28a9cd9966f483e6e045ea00027ccdd01729a0f798262de274caf951f41b0003
2b2467afc74bd60eaa7e6783a71e02345337c0d1742d682bda10a5af87a9d470
2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93
2def8d74b52caa3031a35df82df12154ee6e34e29ec27c52d437369af3597fa0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
337548e5a49f9b0543f04e26958548f23cf9914ba71aecc4de6005597dd7a910
3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d
3778c38e4bf0bc228b4a8e8460910aabbc263d974ce38873f91bcda88b74c00f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3c5d6118de7369e3f8e06bd343c2c2eb9090573fda398851e33ab22db2026e93
3e031ee2b6307161e852ef731954de0f13930fb0c43596f11ce825aa6a0019a9
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
45c1be73436389f02c770d2d1c5565bf8c3bcdfa2110d87738c702d93e6e09b8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
472131e2a0b3a9923aa2571acb454e567534e422625a85b405f2d843c0c52570
47a6d3380cf89ad6b678478ccb347dc3ddeadcf7ca344bfc842424aaf7bfd025
48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f3299c5ea607670cf4fa7b23590e53b86370c98a93939c07196793d7b899c7
49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c
4945bee5c64f638c99c8acdc2eb4fe3e84637be1f0428ccb2e4efe38f5071e02
495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4
4ab41794b991bbf04516440dc95a8019e66fc13201a179b2bcef107a70858783
4d50d762acfc4719d72e179a807590dfb8c63e4547b83ecc35a82777d218e30c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014
5118f86a504411f4695fec489aa3adf6a2db467a953752c820821098ab1d29c2
520588ce7664bd466b754ad57c4dce8020ffa827cbbcdd7651619a7dc64bb844
52184cd43bbd52529bce9c0e2210613e47f8a8e144429681b0811ae46a936656
52d3e5c9fb15f3cfd863ca4b8d2144e308acbce5b319dee97f70661130c3878c
530699399fd7548a91ac3f2bb58609584569f0520fbaa67c6dbe625cde7a5e0f
5517acae2f83cb92cf756a98d0f93e094084763764a615d3c60f4a0ffa5d38da
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5891185bbadfceb49591b012abeeea967dca978a653930a6ca23863d9a3f4c92
5a08b3ce5f1a63f2cf73161dff9f376afd826ca94ed335c383735b7016224d6f
5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f6ba0d520ab45e29a96c755045d991b68d40ca504a926ad2c3831bc262730ce
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4
5facf3ca997fd8a7658579d40b8bc44a659e12df5b45b2f1f1713f987b86366c
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
611bde69387dbefbc603066ec9bd8beee4521fcd38c66fa600b1319f3092c883
6163a1793a31054c8e0614925b6056ea48982bcbc2fefaf1b3830668005d473a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64c9f0e4b833890006bf7258121d6ee3a8c64cd99ace1102c5252c704ea53801
67969d49ae2921f7ba587394b0db1f2dbb99fe3a26159cbaca48d46fe06898c3
679a1fcf545ea5d1a751b5a0fc4be99f73f4f2ee22fbfb3f0a90fdf6684b49fd
682b27e54462f82c7d74362de52e2aa29a0a0fa5edc381d664970eb94470fc5c
683ce8e56410f4a95a1b3aa3b105175e539916b9c6a88682907937439d9b7e76
6974d0dc9ca9cac6831ba21bba9a0fcb1ac3067714c685da2245248b57b30b73
6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2
6c75b0d6862aafea13a1ad7f4779ea4f47a058be8aed60c15cf32dacea3e3acd
7038de60b90eba7fcc47b07a8e1ca2610879661b6066bc06055f6250b4ad1e50
708970c58cd4f871a3f3ffb9309d7e696a537afd00fc7e0d78ccf21137032136
730f0360a03efcd7bc76a7538f6ec200c0da77f64624dc79741b534a2ecca903
735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4
73a1df893e4b1858fb55ca852cb37a21319cdaa7051da0de24e3aef0c9066ea3
755313ac3cb953d818fd8f3344a3ebf9fd2101223dffa2278b5499e927f9a574
75e79ffb3d2ce5c30bf5b2041576c11a95489d425b683786666f7c0ecb6bf521
75ffa5acf4d8d7334fb1737f7353046bcc162e41d94117a25eb08bd8bf522aee
77f9962a622a241decfe5721c5fd2a68f871f223088b4423b99a996679de7631
79148d3b353f75f4b122ec75e03dd4470a1878599a5f148123f103cfdae350ec
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7f33cbf9ef291c51db6380b4f948cec25eb7499b7381568b8c1c708dc9968278
82168bea85f997368bc4644e6b9d08095d2b8c90e2b9eabc4abfdcb17926e88a
8242fc13955acde235e23608039f811597f59b7c25f3ee5e846570db044d67cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e
83dad54c15cfb7370db9d0fbf73b7175e079225f9234d2eb24ea5a949e7e4833
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86078e67acfc24254302385d284700cda5dc5542c2408596cc718ecccfcb3e05
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
869d3767805b1c7b11b2df755e7cb769ee1b450553d87c374e19cb535a6afd2e
87d0cc6bfa46d38da4abcbc18fb2d5c893c43add2ee2b0f04e0e805cf0455c3a
88d683f1add45261e881bb076ee7a1f05830af435954033bfb80e24686b73085
8a132bc5849b9036742f0a8ef191d221138fe9882475f1b6ed5cde8642693edd
8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b
8b9f639109e4af53e07c008d35c38374fa01b28a452272c04b5995658c86ddde
8bf18c595a16d5650676f61967d5956c41f9371aaca301e1297bb5e99cf7c90f
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e
903d8d5de01ac0b9aedf5aecbf964498c581cbf6656751999560442e6cc700b9
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94de4f783ba7c57d7ce8932e3ef6b26f064e54d42c66ec30f43e5733a22faa7e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a47eb231c8cb97b60cc5d21d9fcdcf9f8132ecf3a18f3c039b0e938e4d75c5e1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63284d0b07236a49f89dd197f9aa2ea595e314e750b5d42834fbda2f7cba411
a6be18654cc2ff528e1eb057baf3b8bd6567d9fe66696ed385b14e2e85c6176b
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
aa0d6c798742eedb9be8babd47ebaaace2c45e45d1bb86a4b1bf55a827980b91
aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1
ab6456ef0246f3d40fdb403bd81fed03ba17c7541266b465f06cc32f86649a73
ac69914e2139f8eddaee80cb7e3a59b78356cf4a9c638af0cc6f0c147471a455
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
adfb527a789ff65fb5304cd34bd2aafbae55c2287ac92423da1734e810dd2670
ae46c3d5e92b3a5b4a090c61a6cde0dc7cbdb70222cd7a32e6c4cc1734bbddb0
ae85b3a62e03f6cec749c1e847d6564d6f0c7479be7e7b97d0b48716d0467e8b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
af96bd176c6eaa479ffaabedb2b14745bbbe5167067052301d874e690a5adc7f
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b3a5b74f9c9e61d876201c7cbed656b4e0eb1b21b952cc0a54d785a199c7abd6
b3e0e5db2674fb727b63871f299ea9f146ce45e3e3ed0c583f4ffdfb6fafb7ab
b4e827ad72023944815099096a25ccb9e11d197d1354269ee28bff1396dcf462
b51c37ff5fe69008307fabe0e42c55b5865be8012c5c35a97f4e045100558914
b7203ef7f18e8e70e9991515982b3bbd43524cf048e9591b7aab1e80db938774
b89954b6e655faac47144f839324f91233f0b13f3b69db03e7af9d95c8949baf
ba03acc1b27410fe6f06c98363fdb0501f64dda2fbf95791e586d6e3e866affa
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb146db6ebd66b29cbeafeb55af7564efb760cc48331528d813f1a138fec4224
bd369723121fb6cd727c0b440fb544db43a2408ba63f029cf804f88fcf52b0b6
bd833e56774c4e58549c8e1f8bbb5e325443444010b44e061dce257da15f4518
c0713ea500e4a6a33fbed93ce88ecfcc3333bbdce608f5f07fddf8ac74337f8f
c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87
c23308a250ea3ca6ae0b6f730051226aec859ee4ac86d98c1a90ca1b6b0408dc
c280a532f1bfe942302340b698487d9fc32c8f5f0916fb27b3dc528d43226802
c2ae6a18b973d0fbd53cd575408e3720cec1b94418b180ab6b83a82611eb1906
c4e54f3040346701c8c4011adf977b31a6e2126debc963149834e0e68fe19187
c5d2b24e68b8ac27727ae26248865936f2d2d8179fc7e90bbc1ee99ae5aab725
c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c79fa1e22ae47fd00860dad5c471b16c686c8373b4767145929fc1ff1e2dba07
c833f74357d565730d9c30fff3e8fd9a8c3fb0d6ed6a39e0312f42c291977ebd
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb143f3ca45bc083c04df6a4191b22a3cdde9dbee39960f09672f8c5e9e001b1
cdce925f223974f8773c5eb201d2260afeb72b04a0699a64c7bf07ee1ca35b28
cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596
ce4bede7ea6ea420714374fcc25fa80ed0863ef04d79d698a77b750783dc0123
cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4
d0c629bcf88dc23c20cbc029d9516101ae786d9eec88f8ca477fe09222ecdf2d
d2b60cccafb6ec2bf205be958da942e8bbe124dbca10cb1e8eaa75b6ac78a594
d371a384b7bb8b79f2cfc828aa4d9dc61481834193c555bd37abd10ddb0bef7c
d5b4220c763cf3969a312deb7c95adeee817351a6c1b5485cf7c607199a496b6
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d6939232b8f1f5b30506a90ba69d1c7f7c2ab6018a59290367eb8437d98458d6
d6cddb0acb8765d10d69cd416b80ae7c8a9cb35333f4569c4aac932c2e396ea9
d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c
dbf05c8de07965683efe374781f65e16d8afebbf1845634115d695e20693aa3e
dc04bf16792fb4dc44fdef70c1604b175a0dc798a163fe1481cb5c9a88d20126
dc1b42be040850b715a2fcb173c97186ed800d062c9980f661a97a8cd79065df
dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea2d76bbfbe2bbc66c90822c011fa7aa316ed8dca2eda5dc0837e22da6d3171
decc23d4d2b9e39764e53fef2d9a316c86a7835e6115f0c26c5e1c74e4e3cdfd
e17b3f5ca80e9c4c692d471f9537168654b266dbdfcb28e015f93e21b61486df
e1f1298767e4be7239cf28bb31eaada9d1750fbf45f29b2294fcfd4add302bdd
e2896baee6b8842f374967663fb0bf4b40426f52380b244bfc9f244dde5600cd
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be
e3cd62f0f64543cb7a9a820ed1e08cfab1e97c646ef12a47f5fc33cd11b227a6
e4c6a39cdb1f2dab900d10c83275e2e72e795325924c731d8fa0c49b9ec5ccb8
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7e7431b9cf4e5b9b4c1c03a02f12677a1ff48e92af634fb2bf0fa9d6d2d6f67
e84889cb87db55da8abdde45e90e7e3fb352ef848f816e738ccac21b7eebce65
e8b1012f16a7c0a81edf99671c9b9070b5a43cd55eb64d4f9ab8ca6a025647c0
eb7992882aa0838cd9d41c9e9bcef9e10576c790b9a325c060e2a8ab00922876
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f398c6f250a4b7c3751acc2297e4b29bc311c1db88f540c8fe032aa89ece7ff3
f60666eadab2f7ecd6e58e599c160dffc76df7e32c0280c71231b4dbfd095389
f6beaaf60a3c528376907d26643d53136e843b84566d0aa2132e78a1bb15dae3
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822
fb4030bfa42716d19ae274676604a4d4dec5277ab60c4dcd64e61d0df5f9c573
fc3b9560801a452b77ea7c459117de4c65358d244fd160c6372cd08bf76b24b9
fca751b99463cdbb2064f0564f2730ca8ce34c75aaa23846a46bb0651ef9216d
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd91d4679e225414d5a07156c2406b1195778c3f30f30bedd0c403c6b403995e
fdfac542ba02fe75587505204e34f28ddc1c385b810f4f1a2878e1b792eb0a8f
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2
ffaeebb54ad82887bbd7cfe1c662054eb944984969a705dd9a2a95e3b853aca0