blog.paleohacks.com Open in urlscan Pro
2606:4700:10::6816:12c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.paleohacks-mailing.com/a/168/click/10061339/746255798/_b187a58421d056b6a427ec4b293fe1251e58084c/be3730f51cef0db9d02bc23...
Effective URL:
https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Submission: On August 13 via api (August 13th 2023, 10:58:57 pm UTC) from BE — Scanned from DE

Summary HTTP 274 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 43 IPs in 10 countries across 39 domains to perform 274 HTTP transactions. The main IP is 2606:4700:10::6816:12c, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.paleohacks.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2023. Valid for: a year.

This is the only time blog.paleohacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
81	2606:4700:10:... 2606:4700:10::6816:12c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:212... 2600:9000:2127:5e00:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 12	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a02:26f0:350... 2a02:26f0:3500:892::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.169.181.77 35.169.181.77	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
4	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1 10	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.18.25.214 104.18.25.214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.9.64 104.18.9.64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	64.185.227.156 64.185.227.156	18450 (WEBNX) (WEBNX)
4	2a00:1450:400... 2a00:1450:400e:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:3c::8	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
3 13	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 3	3.122.33.96 3.122.33.96	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
3 3	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
2 4	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:1a::9	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:c824:b680:78be:61ca	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.186.241.51 35.186.241.51	15169 (GOOGLE) (GOOGLE)
274	43

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.paleohacks-mailing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

81 2606:4700:10::6816:12c (United States)

ASN13335 (CLOUDFLARENET, US)

blog.paleohacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2127:5e00:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

paleohacks.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:892::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.181.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-181-77.compute-1.amazonaws.com

178194.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

track.mypaleorecipe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.214 (None, )

ASN13335 (CLOUDFLARENET, US)

paleohacks.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.9.64 (None, )

ASN13335 (CLOUDFLARENET, US)

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.185.227.156 (Los Angeles, United States)

ASN18450 (WEBNX, US)
PTR: 64-185-227-156.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:80f::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:3c::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr3---sn-4g5e6nzl.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 216.58.212.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.33.96 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-33-96.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.166 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.89.75 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:1a::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5edndz.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:c824:b680:78be:61ca (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.241.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	paleohacks.com blog.paleohacks.com	2 MB
36	googlesyndication.com dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 151 pagead2.googlesyndication.com — Cisco Umbrella Rank: 130	379 KB
31	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	281 KB
17	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 396	391 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	351 KB
13	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2770 www.google.com — Cisco Umbrella Rank: 3	2 KB
8	media.net contextual.media.net — Cisco Umbrella Rank: 649 lg3.media.net — Cisco Umbrella Rank: 6384	76 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	9 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	382 B
6	mypaleorecipe.com track.mypaleorecipe.com	36 KB
6	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3540 ct.pinterest.com — Cisco Umbrella Rank: 827 log.pinterest.com — Cisco Umbrella Rank: 4591	20 KB
5	google.de www.google.de — Cisco Umbrella Rank: 5933	839 B
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	22 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	254 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	226 KB
5	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 3992 paleohacks.attn.tv	43 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1405	902 B
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 150
4	lpages.co paleohacks.lpages.co	15 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 4741	926 B
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 977	3 KB
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 3684 r4---sn-4g5edndz.gvt1.com	790 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 604	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 921 r.turn.com — Cisco Umbrella Rank: 3853	869 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 894	20 KB
1	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 2465	373 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 465	715 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2178	173 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1190	732 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 777	545 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3044	104 B
1	googlevideo.com rr3---sn-4g5e6nzl.googlevideo.com — Cisco Umbrella Rank: 80062	514 KB
1	attentivemobile.com events.attentivemobile.com — Cisco Umbrella Rank: 3751	160 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2666 Failed	221 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 5038	18 KB
1	hyros.com 178194.tracking.hyros.com
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	28 KB
1	paleohacks-mailing.com 1 redirects links.paleohacks-mailing.com — Cisco Umbrella Rank: 748763	730 B
274	39

	Domain	Requested by
81	blog.paleohacks.com	blog.paleohacks.com track.mypaleorecipe.com
25	tpc.googlesyndication.com	dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com blog.paleohacks.com cdn.ampproject.org
17	cdn.ampproject.org	dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com securepubads.g.doubleclick.net
13	cm.g.doubleclick.net	3 redirects dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
12	securepubads.g.doubleclick.net	2 redirects blog.paleohacks.com securepubads.g.doubleclick.net
10	www.google.com	1 redirects blog.paleohacks.com dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
8	fonts.googleapis.com	blog.paleohacks.com paleohacks.lpages.co dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
6	www.gstatic.com	dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
6	www.facebook.com	blog.paleohacks.com connect.facebook.net
6	track.mypaleorecipe.com	www.googletagmanager.com track.mypaleorecipe.com
5	www.google.de	blog.paleohacks.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com blog.paleohacks.com
5	www.googletagmanager.com	blog.paleohacks.com www.googletagmanager.com www.google-analytics.com
5	contextual.media.net	blog.paleohacks.com contextual.media.net
5	connect.facebook.net	blog.paleohacks.com connect.facebook.net www.googletagmanager.com
4	sync.teads.tv	2 redirects dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
4	www.googleadservices.com	dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
4	csi.gstatic.com	www.gstatic.com
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	paleohacks.lpages.co	blog.paleohacks.com paleohacks.lpages.co
3	d5p.de17a.com	3 redirects
3	pm.w55c.net	3 redirects
3	lg3.media.net	blog.paleohacks.com
3	ct.pinterest.com	s.pinimg.com blog.paleohacks.com
3	dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	region1.analytics.google.com	www.googletagmanager.com
3	cdn.attn.tv	blog.paleohacks.com cdn.attn.tv
2	c1.adform.net	2 redirects
2	paleohacks.attn.tv	cdn.attn.tv
2	s.pinimg.com	blog.paleohacks.com s.pinimg.com
2	googleads.g.doubleclick.net	www.googletagmanager.com blog.paleohacks.com
2	assets.pinterest.com	blog.paleohacks.com assets.pinterest.com
1	api-js.mixpanel.com	cdn.mxpnl.com
1	dis.criteo.com	dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	tr.blismedia.com	dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	r4---sn-4g5edndz.gvt1.com	dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
1	redirector.gvt1.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
1	r.turn.com
1	ad.turn.com	1 redirects
1	rr3---sn-4g5e6nzl.googlevideo.com	dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
1	log.pinterest.com	blog.paleohacks.com
1	events.attentivemobile.com	cdn.attn.tv
1	api.ipify.org	blog.paleohacks.com track.mypaleorecipe.com
1	cdn.mxpnl.com	blog.paleohacks.com
1	178194.tracking.hyros.com	blog.paleohacks.com
1	www.googletagservices.com	blog.paleohacks.com
1	links.paleohacks-mailing.com	1 redirects
274	53

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
plus.google.com
www.pinterest.com
twitter.com
www.youtube.com
shop.paleohacks.com
pinterest.com
paleohacks.lpages.co
www.ncbi.nlm.nih.gov
www.fineusa.us
hop.clickbank.net
paleohacks.go2cloud.org
www.instagram.com
paleohacks.com
www.paleohacks.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.attn.tv Amazon RSA 2048 M01	`2023-05-02` - `2024-05-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.lpages.co R3	`2023-07-26` - `2023-10-24`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
tracking.hyros.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2023-08-13` - `2024-08-12`	a year	crt.sh
attentivemobile.com Cloudflare Inc ECC CA-3	`2023-08-13` - `2024-08-12`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-07-25` - `2023-10-03`	2 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.mixpanel.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Frame ID: 7F8328A5CFBEDA412249798A8895A012
Requests: 156 HTTP requests in this frame

Frame: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8FD2215D0144F25555D4854EE390B708
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CUG3G308&https=1&itype=CM
Frame ID: 83EAAB5F1410410E3F85358DE7D4D9E6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df300d8f9d943738%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff11b12a4ed9e36c%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width=
Frame ID: D8A652E3C938302A8162FC31698F260E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c0d8d451918e%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff11b12a4ed9e36c%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: 50E53C749BCE2EB87780A4157428B42B
Requests: 1 HTTP requests in this frame

Frame: https://paleohacks.lpages.co/leadbox/144718873f72a2%3A13300845e746dc/5765867027562496/?lp-in-iframe=1&mpcampaignid=10061339&__fromjs=1
Frame ID: 87FCEC95EFA690A73231208D81CDC693
Requests: 2 HTTP requests in this frame

Frame: https://paleohacks.lpages.co/leadbox/144718873f72a2%3A13300845e746dc/5765867027562496/?lp-in-iframe=1&mpcampaignid=10061339&__fromjs=1
Frame ID: C9850DC9771CD399529B55D95E82F7C8
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/__media__/pics/800028474/1x1.gif
Frame ID: 9F9BDFC9BC15AD75FA2E8764ADEF9C63
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 488854B1C87BB018F063FFC32343554E
Requests: 1 HTTP requests in this frame

Frame: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 84D63F84C8A2AEB7A80EEAEFDE314FD3
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 24C69F025771FFD20D57245DBDE85674
Requests: 9 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 55667F77759826745010CE459B3A1840
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D5845C54345035644A5C28A92C1D6C8D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D62430D2DF15419947D2AB4EC9DAC02B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 4B43328156399395B0680B13147A386E
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 6662B567613F1D9AF35A3756D64A6179
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: E1FEB6BAE1A6079052072889B5D5B46E
Requests: 17 HTTP requests in this frame

Frame: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8BC614F53D40E546AB74D8BF475912E4
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7602AD1BB676E6B21FEFD999B539B9DD
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dry Vs. Dehydrated Skin: The Difference & TreatmentsFacebookGoogle+PinterestTwitterYouTubeFacebookPinterestTwitterYouTube

Page URL History Show full URLs

https://links.paleohacks-mailing.com/a/168/click/10061339/746255798/_b187a58421d056b6a427ec4b293fe1251e58084c/be3... HTTP 302
https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

274
Requests

94 %
HTTPS

58 %
IPv6

39
Domains

53
Subdomains

43
IPs

10
Countries

5235 kB
Transfer

9698 kB
Size

35
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/paleohacks
Title: Facebook

Search URL Search Domain Scan URL

URL: https://plus.google.com/+Paleohacks1/posts
Title: Google+

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/paleohacks/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/paleohacks
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Paleohacks
Title: YouTube

Search URL Search Domain Scan URL

URL: https://shop.paleohacks.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://blog.paleohacks.com/dry-vs-dehydrated-skin/&display=popup&ref=plugin&src=share_button
Title: Facebook2k

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://blog.paleohacks.com/dry-vs-dehydrated-skin/&text=Dry%20Vs.%20Dehydrated%20Skin%3A%20The%20Difference%20%26%20Treatments
Title: Tweet1.8k

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://blog.paleohacks.com/dry-vs-dehydrated-skin/&media=https://blog.paleohacks.com/wp-content/uploads/2016/07/Dry-vs-Dehydrated-Treatments.jpg&description=Dry%20Vs.%20Dehydrated%20Skin:%20The%20Difference%20&%20Treatments
Title: Pin634

Search URL Search Domain Scan URL

URL: https://paleohacks.lpages.co/leadbox/144718873f72a2%3A13300845e746dc/5765867027562496/
Title: Click here to get your FREE copy of our Skincare Guide!

Search URL Search Domain Scan URL

URL: http://www.ncbi.nlm.nih.gov/pmc/articles/PMC2908954/#R101
Title: 1

Search URL Search Domain Scan URL

URL: http://www.ncbi.nlm.nih.gov/pubmed/17352748?ordinalpos=1&itool=EntrezSystem2.PEntrez.Pubmed.Pubmed_ResultsPanel.Pubmed_DefaultReportPanel.Pubmed_RVDocSum
Title: 2

Search URL Search Domain Scan URL

URL: http://www.fineusa.us/common/pdf/Clinical_effects_of_dietary_hyaluronic_acid_on_dry_rough_skin.pdf
Title: 3

Search URL Search Domain Scan URL

URL: http://www.ncbi.nlm.nih.gov/pmc/articles/PMC1253722/
Title: 4

Search URL Search Domain Scan URL

URL: http://hop.clickbank.net/?affiliate=phaff&vendor=bloodsug&tid=halkiCTA

Search URL Search Domain Scan URL

URL: https://paleohacks.go2cloud.org/aff_c?offer_id=21&aff_id=1000&aff_sub=kipcta

Search URL Search Domain Scan URL

URL: https://www.instagram.com/meganrosepatiry/

Search URL Search Domain Scan URL

URL: http://paleohacks.com/
Title: Discussion

Search URL Search Domain Scan URL

URL: https://www.paleohacks.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.paleohacks-mailing.com/a/168/click/10061339/746255798/_b187a58421d056b6a427ec4b293fe1251e58084c/be3730f51cef0db9d02bc2384973944327c333c4?ana=Im1wY2FtcGFpZ25pZD0xMDA2MTMzOSI= HTTP 302
https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 179

https://securepubads.g.doubleclick.net/pagead/adview?ai=CetVOKWDZZPOjM9uQ9u8P7NymqASVvN3scMnK3KH9EIjCusGLDhABIMj9iB5glfqugrgHoAHpituaAsgBCakCqD1f4W5esj7gAgCoAwHIAwqqBLkCT9AMUkuX0nCpx6FRGxPciiy_1sR8Xr_3HI_rGgn_gx6OAo6nOWt5Lhtsfk2iffAw_iv2SPU4nhjjcE1WnnOICY9XLD2k5uuHH2Bhf1jwJ9732TPJex7eXiYTrVZXCY727GeNYXoyeHJyePp3wwSN85Jcn1KxjyyddSHGL3yt_J3YwLw6yxjgsFZeTYM3NF9YiQCOFofhxMitq6hUM7uuIL6CS04m6G8YsOlSR5plY_wmNvxlWsnpXKamfaQ0nplaeWcj8ilu1KuSAoi4K4rVK1cGdNOsWYEjO53rKMleTbegsDmsyoDEoza6PNPfzJHFnAdIDV6Yr_NyrRIMF1mzNdVThpPX571tgUzPfhqvBKz9pv0n3wpp53Hk4sqWY2p550hshy0Ac59OIxoja7Fbkl9Bpf_DIUQ9jcAE087sjIME4AQBkgUECAQYAZIFBAgFGASgBi6AB__0pOUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnPRZ0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJ7gFodHRwczovL251dWJ1b2ZmaWNpYWwuY29tL2FydGljbGVzL3VuY292ZXJlZC1qYXBhbmVzZT9sPWRlJmM9ZXVyJnZuZHI9bnViZ2dnaWUmc3ViaWQzPTE0MjEwMzQxMDgwJnN1YmlkPTEzODI3MTIwNTIwMyZzdWJpZDI9NjU0NjkxODYyMzIzJnN1YmlkND0mdXRtX3NvdXJjZT1Hb29nbGUmdXRtX21lZGl1bT1DUEMmdXRtX2NhbXBhaWduPTIzdzEwX0EtQUxfcmVmbGV4b2xvZ3kmdXRtX3Rlcm09Y29tYmluZWQtaW1hZ2VzgAoByAsBogwIKgYKBMOwsQK4E5wb2BMM0BUBmBYBgBcBshceChwIABIUcHViLTUxNDQzODk2NTc3ODU1NjUYsJgV&sigh=aeNqYJbs7ro&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJW-2QB3QYgGiJjVmduTXq9yl8IR8l-x0H2hEAhq6NknYiRxKY8gUYeOl5vHQmca1v89xajS-pekhgB&template_id=3484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226998685366935380266%22,%22debug_reporting%22:true,%22destination%22:%22https://nuubuofficial.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22592889193%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225111641298264867985%22}&andc=true

Request Chain 181

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEkRLUic25WPHgoQ5HBRoII&google_cver=1&google_push=AXcoOmRpmoJqqt9OjxLYJdLlm_8_Qtp98nKXs5TQH_KRgdjN4JEN_wZ_u7QI2ta3-iOcVPPb7cabct9lQOq7VdFT_SxBDIhhB_hPWdc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzY3Njc1MDY3OTIzNTEwNTkxOQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEkRLUic25WPHgoQ5HBRoII&google_cver=1

Request Chain 183

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF1ZZ2KIw6gSPNj7NBV-XRU&google_cver=1&google_push=AXcoOmR4WHjtbULPNj6WFXDn2uxnqo_gkz8fwi1sAdJmLrJmzkPyF02E7z-FutJcV67fXDgCAbOGua1OBAQIfAdYA9KcRlhlG_2zuA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF1ZZ2KIw6gSPNj7NBV-XRU&google_cver=1&google_push=AXcoOmR4WHjtbULPNj6WFXDn2uxnqo_gkz8fwi1sAdJmLrJmzkPyF02E7z-FutJcV67fXDgCAbOGua1OBAQIfAdYA9KcRlhlG_2zuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=enlKTFk1R00xUXZrMlQ1&google_gid=CAESEF1ZZ2KIw6gSPNj7NBV-XRU&google_cver=1&google_push=AXcoOmR4WHjtbULPNj6WFXDn2uxnqo_gkz8fwi1sAdJmLrJmzkPyF02E7z-FutJcV67fXDgCAbOGua1OBAQIfAdYA9KcRlhlG_2zuA

Request Chain 184

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEmo-McQtMEqkgduqkyUqoI&google_cver=1&google_push=AXcoOmRQpkGr49gpMWd8hsFBFrKiXSER5QyBJiQzrfpfwJMCy6SGErD2Ksrw1Sh63ISsUIAjGHainraYEwTZX3CtNiwyyL4XjCUVIEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEmo-McQtMEqkgduqkyUqoI&google_push=AXcoOmRQpkGr49gpMWd8hsFBFrKiXSER5QyBJiQzrfpfwJMCy6SGErD2Ksrw1Sh63ISsUIAjGHainraYEwTZX3CtNiwyyL4XjCUVIEA

Request Chain 185

https://d5p.de17a.com/cookies/google?google_gid=CAESEHFAblvfajvKSTlG_CJeMIc&google_cver=1&google_push=AXcoOmQKYQPUY1Bbjam1O1MnIuxHWCNI2wSwnsw8Kb8LVH5_9-SFM6qSvprEgFJNDxz_vjUj5nnJPgNfdhYVsVI_kJBLcN8uySW-Thg HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHFAblvfajvKSTlG_CJeMIc&google_cver=1&google_push=AXcoOmQKYQPUY1Bbjam1O1MnIuxHWCNI2wSwnsw8Kb8LVH5_9-SFM6qSvprEgFJNDxz_vjUj5nnJPgNfdhYVsVI_kJBLcN8uySW-Thg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQKYQPUY1Bbjam1O1MnIuxHWCNI2wSwnsw8Kb8LVH5_9-SFM6qSvprEgFJNDxz_vjUj5nnJPgNfdhYVsVI_kJBLcN8uySW-Thg

Request Chain 186

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJTnCM686oG0leqVA6cQTp4&google_cver=1&google_push=AXcoOmS3iMhQziJmkphbhSdPIu75g6vieaagGeCt3ceDwtSU02H_2o0BoGXyMBp9ZXUpZ70lEP9pieC75zYobN4Hugl74OdW1nX44A HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJTnCM686oG0leqVA6cQTp4&google_cver=1&google_push=AXcoOmS3iMhQziJmkphbhSdPIu75g6vieaagGeCt3ceDwtSU02H_2o0BoGXyMBp9ZXUpZ70lEP9pieC75zYobN4Hugl74OdW1nX44A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ5NzgwMjMzODgyNzg4ODM1Mg&google_push=AXcoOmS3iMhQziJmkphbhSdPIu75g6vieaagGeCt3ceDwtSU02H_2o0BoGXyMBp9ZXUpZ70lEP9pieC75zYobN4Hugl74OdW1nX44A

Request Chain 187

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPUayjK5u3Fe-e5qrfDf-gc&google_cver=1&google_push=AXcoOmSjLSzqIhPY1GKIkAyshO2n1C_BzJ3rGIlSmc1j8YHuMDtW2lh9YLUmfI6g3YH1HaWFiag1BFtZNrxZZy-TEs0uyYQrIO6w3gwi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSjLSzqIhPY1GKIkAyshO2n1C_BzJ3rGIlSmc1j8YHuMDtW2lh9YLUmfI6g3YH1HaWFiag1BFtZNrxZZy-TEs0uyYQrIO6w3gwi HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 253

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 261

https://redirector.gvt1.com/videoplayback?id=a393081ecb024f96&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1691974732&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=2EC311BCFA69FD91D4244E494852070C2769EF94.796C944447E42F9E795F67E3CA2B9A5747EBA5D9&key=ck2 HTTP 302
https://r4---sn-4g5edndz.gvt1.com/videoplayback?id=a393081ecb024f96&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1691974732&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=31B63502AF8634EFBDD7388325EEDF1A88E609D0.3E5B5AE9927A12BDB58D24E210093D41A356F43A&key=cms1&cms_redirect=yes&mh=ju&mip=2a01:4a0:1338:92::9&mm=28&mn=sn-4g5edndz&ms=nvh&mt=1691967148&mv=u&mvi=4&pl=36

Request Chain 267

https://securepubads.g.doubleclick.net/pagead/adview?ai=C-S7bK2DZZMS5Buuj7_UPvMKl6ALPwML7ccC8oafAEf6C0ryNDhABIMj9iB5glfqugrgHoAGj7KLHA8gBCakCqD1f4W5esj7gAgCoAwHIAwqqBLoCT9Aowax1DcGE27sf3U9mXiQdHf9DCMzvLHJrg-nI85ThcOHraZlQqVJ-Zjl1t-UtJtFXkV1NQOxQtSWEtNWARuf8rxXF6p9B9_TPeUBmCmqHdoe5XH8SReNk_1vBWYUDpgMb66EDy3IP4pEXzs2keGSHz85ISHDvwndPbsg9uewDg27qv8x2c6TYInUDZ5bbwYbvQw-QL70jMlVrdfubtpr2jeoMSIX9O9uC1cPQIDu5ZohXlah1wD_fSOH8vZiyMh0di9IHJWzj37CbsqNZUWo9fYqKUNzcvTRkbLV4l_XKoVupzy980hhvZpKuFu_4W1eiMdop2q8fU1zfhUh0d6Qj3D3QOYvD50Xr74jNS50TyZPG9B_EATZiUJIIVdmHzkCQ9o1YCdymdi9p7S5HecuU34Hktu8hR7XABJaIwK2UBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfFk904qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3oYx0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJKGh0dHBzOi8vd3d3LmthYnMuZGUvYWt0aW9uL3N1bW1lci1zYWxlL2GACgHICwGiDAgqBgoEw7CxArgTnBvYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItNTE0NDM4OTY1Nzc4NTU2NRiwmBU&sigh=BJrBgTPDrrk&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWOvE1-Y5OSOOpzLG7UEpQb0KAF0C2E6Vs7AhnQQimFYZbSYGfSjtRHkbYf4kuN5Sh8XlWFK0lzhgB&template_id=3484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229922138169422423864%22,%22debug_reporting%22:true,%22destination%22:%22https://kabs.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22954775075%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221693098600457203745%22}&andc=true

Request Chain 271

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMEyxrWlp4anIfmjPNkSMM4&google_cver=1&google_push=AXcoOmS3FDMbDLY78ojHM4eUv5cwL259DmHnEUOA6e7wMcVE2J87n9-7SZ-OMkdIVo93G34NqArRBRIm9wBlklsirWRiWDgWciOKqTY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=enlKTFk1R00xUXZrMlQ1&google_gid=CAESEMEyxrWlp4anIfmjPNkSMM4&google_cver=1&google_push=AXcoOmS3FDMbDLY78ojHM4eUv5cwL259DmHnEUOA6e7wMcVE2J87n9-7SZ-OMkdIVo93G34NqArRBRIm9wBlklsirWRiWDgWciOKqTY

Request Chain 272

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOAo0zOeRG8oA_YIKfygj2s&google_cver=1&google_push=AXcoOmQD1yOeJuUXqOioPpkq9dc5VI6yA0NNVcUrMq3yEwhQX-XDuodPhCxMiAdy2zUbWFQUxvYXpdHxMjLV5hKZEPxwq8-P6svB55g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQD1yOeJuUXqOioPpkq9dc5VI6yA0NNVcUrMq3yEwhQX-XDuodPhCxMiAdy2zUbWFQUxvYXpdHxMjLV5hKZEPxwq8-P6svB55g

Request Chain 274

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBAGCENmqG-FlAzlc0TSMlc&google_cver=1&google_push=AXcoOmRpJ_s6OzEOfmaUEu3mlmQUIZrs4bzC3gpc-PMta_GwNOQ0rjn6xEGKAQ2QbU_E1xMPO95Mo05Au-VqG8CsugDFn6DA9B6k1KY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRpJ_s6OzEOfmaUEu3mlmQUIZrs4bzC3gpc-PMta_GwNOQ0rjn6xEGKAQ2QbU_E1xMPO95Mo05Au-VqG8CsugDFn6DA9B6k1KY&google_hm=eS1qYjdMZktKRTJwRXB0Zjlna1poekFSemozNDVDUXhrRX5B

Request Chain 275

https://d5p.de17a.com/cookies/google?google_gid=CAESEA45VOn4SeqTnFD-TwUi_n0&google_cver=1&google_push=AXcoOmQS-VhcyDr67SA7T4n-yQ2OC5j5qpZYPDs1ILOlm2xfO91AE-s4cpCBKt-3ny6-lpImHrDKXC-CLJnZaqM6UIcsPLxg8eQ7aMI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQS-VhcyDr67SA7T4n-yQ2OC5j5qpZYPDs1ILOlm2xfO91AE-s4cpCBKt-3ny6-lpImHrDKXC-CLJnZaqM6UIcsPLxg8eQ7aMI

Request Chain 277

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGTiGeaTGIi-KckW6w65Cdk&google_cver=1&google_push=AXcoOmRxqWfo5vJGCoZ9chk3HejRmlEUnp7aD7mPInt2a32df5MKga2S2YPhgsZhR_SV7OG0Qks5JAGNyQ6BqKdHd_NNiycXddSZtKuL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRxqWfo5vJGCoZ9chk3HejRmlEUnp7aD7mPInt2a32df5MKga2S2YPhgsZhR_SV7OG0Qks5JAGNyQ6BqKdHd_NNiycXddSZtKuL HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

274 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blog.paleohacks.com/dry-vs-dehydrated-skin/
Redirect Chain

https://links.paleohacks-mailing.com/a/168/click/10061339/746255798/_b187a58421d056b6a427ec4b293fe1251e58084c/be3730f51cef0db9d02bc2384973944327c333c4?ana=Im1wY2FtcGFpZ25pZD0xMDA2MTMzOSI=
https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

104 KB
24 KB

2090ms
1972ms

Document
text/html

2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.23
Resource Hash: 6e5c40a4d24412d23dc4e4def2309b719ff2942504a2bd9c867944e66ad174cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7f649092b806bbbb-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 22:58:48 GMT
expires: Sun, 13 Aug 2023 22:58:47 GMT
link: <https://blog.paleohacks.com/wp-json/>; rel="https://api.w.org/", <https://blog.paleohacks.com/wp-json/wp/v2/posts/40033>; rel="alternate"; type="application/json", <https://blog.paleohacks.com/?p=40033>; rel=shortlink
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.3.23

Redirect headers

cache-control: no-cache
content-type: text/html; charset=utf-8
date: Sun, 13 Aug 2023 22:58:46 GMT
location: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.14.0 + Phusion Passenger 5.3.5
status: 302 Found
transfer-encoding: chunked
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger 5.3.7
x-request-id: 46c41c8a-9d7b-4adb-90a3-3210850ab384
x-runtime: 0.052810
x-xss-protection: 1; mode=block

GET
H2 200 cookie-popup.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 0
166 B 54ms
46ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/cookie-popup.min.css?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:48 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 1520942
etag: "60d1dffd-0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f64909f1afabbbb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sat, 26 Aug 2023 08:29:46 GMT

GET
H2 200 dashicons.min.css
blog.paleohacks.com/wp-includes/css/ 58 KB
35 KB 59ms
52ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/css/dashicons.min.css?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7203ef7f18e8e70e9991515982b3bbd43524cf048e9591b7aab1e80db938774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 11:54:45 GMT
server: cloudflare
age: 2445724
etag: W/"60782985-e687"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f1afbbbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 15:36:44 GMT

GET
H2 200 shared-counts.min.css
blog.paleohacks.com/wp-content/plugins/Shared-Counts-develop/assets/css/ 26 KB
3 KB 55ms
48ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/Shared-Counts-develop/assets/css/shared-counts.min.css?ver=1.4.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21f25f7bc7b9666cbf2a6dff9d5e82c5f8ca9b60afda6726fa78e8f80ab32f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Oct 2019 15:03:04 GMT
server: cloudflare
age: 2195500
etag: W/"5d9b53a8-6886"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f1afcbbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 18 Aug 2023 13:07:08 GMT

GET
H2 200 style.min.css
blog.paleohacks.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 56ms
49ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:09:15 GMT
server: cloudflare
age: 2495785
etag: W/"5f7cc0db-d293"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f1afdbbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 01:42:23 GMT

GET
H2 200 style.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 187 KB
17 KB 71ms
65ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/style.min.css?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 1217958
etag: W/"60d1dffd-2ea5c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f1affbbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Aug 2023 20:39:30 GMT

GET
H2 200 font-awesome.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/ 30 KB
7 KB 70ms
64ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 2445724
etag: W/"60d1dffd-7918"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f1b00bbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 15:36:44 GMT

GET
H2 200 fonts.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/ 2 KB
400 B 70ms
64ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0713ea500e4a6a33fbed93ce88ecfcc3333bbdce608f5f07fddf8ac74337f8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 2455505
cf-polished: origSize=1942
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
etag: W/"60d1dffd-796"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f2b01bbbb-FRA
expires: Tue, 15 Aug 2023 12:53:43 GMT

GET
H2 200 front.css
blog.paleohacks.com/wp-content/plugins/other-popular-articles/assets/css/ 950 B
390 B 517ms
511ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/other-popular-articles/assets/css/front.css?ver=1691967527
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb4030bfa42716d19ae274676604a4d4dec5277ab60c4dcd64e61d0df5f9c573

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Aug 2018 12:45:14 GMT
server: cloudflare
etag: W/"5b86955a-3b6"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f2b02bbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/plugins/paleohacks-tools-soften-it/assets/css/ 3 KB
930 B 531ms
526ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/paleohacks-tools-soften-it/assets/css/style.css?ver=1691967527
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903d8d5de01ac0b9aedf5aecbf964498c581cbf6656751999560442e6cc700b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Oct 2019 15:47:58 GMT
server: cloudflare
etag: W/"5d9e012e-ab4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f2b03bbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H2 200 twitter-feed.css
blog.paleohacks.com/wp-content/plugins/wp-to-twitter/css/ 1 KB
570 B 70ms
65ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 2477004
cf-polished: origSize=1742
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Tue, 06 Apr 2021 13:07:36 GMT
server: cloudflare
etag: W/"606c5d18-6ce"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f2b05bbbb-FRA
expires: Tue, 15 Aug 2023 06:55:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 143ms
52ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d371a384b7bb8b79f2cfc828aa4d9dc61481834193c555bd37abd10ddb0bef7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 22:58:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 22:58:48 GMT

GET
H2 200 mai-theme.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 74 KB
14 KB 100ms
95ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/mai-theme.min.css?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 2527587
etag: W/"606c5cdc-1264a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f5b30bbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 14 Aug 2023 16:52:21 GMT

GET
H2 200 flexington.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 93 KB
8 KB 95ms
91ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/flexington.min.css?ver=2.5.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 2246983
etag: W/"606c5cdc-174c5"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f5b31bbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 22:49:05 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/plugins/simple-social-icons/css/ 1 KB
484 B 107ms
102ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 844886
cf-polished: origSize=1228
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Thu, 14 May 2020 13:04:10 GMT
server: cloudflare
etag: W/"5ebd41ca-4cc"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f5b33bbbb-FRA
expires: Sun, 03 Sep 2023 04:17:22 GMT

GET
H2 200 jquery-ui.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 43 KB
8 KB 106ms
102ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/jquery-ui.min.css?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 2495785
etag: W/"60d1dffd-ac08"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f5b35bbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 01:42:23 GMT

GET
H2 200 sspop.css
blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/css/ 3 KB
1 KB 105ms
101ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/css/sspop.css
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 488969
cf-polished: origSize=4778
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Wed, 29 Aug 2018 12:45:14 GMT
server: cloudflare
etag: W/"5b86955a-12aa"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f5b38bbbb-FRA
expires: Thu, 07 Sep 2023 07:09:19 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/themes/paleohacks/ 22 KB
5 KB 97ms
93ms Stylesheet
text/css 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/paleohacks/style.css?ver=1.2.0.12820200113
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d3e5c9fb15f3cfd863ca4b8d2144e308acbce5b319dee97f70661130c3878c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 1443275
cf-polished: origSize=29969
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Tue, 28 Jan 2020 01:13:56 GMT
server: cloudflare
etag: W/"5e2f8ad4-7511"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7f64909f5b39bbbb-FRA
expires: Sun, 27 Aug 2023 06:04:13 GMT

GET
H2 200 jquery.js Show response
blog.paleohacks.com/wp-includes/js/jquery/ 95 KB
34 KB 107ms
103ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 23 Aug 2019 16:00:11 GMT
server: cloudflare
age: 155918
cf-polished: origSize=96873
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f64909f5b3abbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Aug 2023 03:40:10 GMT

GET
H2 200 service-facebook-pixel.js Show response
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 54 B
160 B 105ms
102ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/service-facebook-pixel.js?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 530699399fd7548a91ac3f2bb58609584569f0520fbaa67c6dbe625cde7a5e0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 361899
cf-polished: origSize=68
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f64909f5b3bbbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 18:27:09 GMT

GET
H2 200 634.js Show response
blog.paleohacks.com/wp-content/uploads/415/856/public/assets/js/ 11 KB
4 KB 107ms
103ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/uploads/415/856/public/assets/js/634.js?ver=1.25.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c280a532f1bfe942302340b698487d9fc32c8f5f0916fb27b3dc528d43226802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:10:26 GMT
server: cloudflare
age: 361899
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f64909f5b3cbbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 18:27:09 GMT

GET
H2 200 gtm4wp-form-move-tracker.js Show response
blog.paleohacks.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
514 B 105ms
101ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:09:38 GMT
server: cloudflare
age: 361899
cf-polished: origSize=1536
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f64909f5b3ebbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 18:27:09 GMT

GET
H2 200 675.js Show response
blog.paleohacks.com/wp-content/uploads/415/904/assets/ 5 KB
2 KB 105ms
102ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/uploads/415/904/assets/675.js?ver=2.12.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77f9962a622a241decfe5721c5fd2a68f871f223088b4423b99a996679de7631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:10:26 GMT
server: cloudflare
age: 361899
cf-polished: origSize=9328
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f64909f5b40bbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 18:27:09 GMT

GET
H2 200 svgxuse.js Show response
blog.paleohacks.com/wp-content/plugins/simple-social-icons/ 4 KB
1 KB 106ms
102ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af96bd176c6eaa479ffaabedb2b14745bbbe5167067052301d874e690a5adc7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 14 May 2020 13:04:10 GMT
server: cloudflare
age: 361899
cf-polished: origSize=9238
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f64909f5b42bbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 18:27:09 GMT

GET
H2 200 cookie-list.js Show response
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 919 B
506 B 106ms
103ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-list.js?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a6778639759f20ac4c647b91f5620427756b3b59a3d1e05b544a90a75e4bf8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 228144
cf-polished: origSize=1385
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f64909f5b44bbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 18 Aug 2023 07:36:24 GMT

GET
H2 200 653.js Show response
blog.paleohacks.com/wp-content/uploads/415/904/33/881/775/ 91 KB
27 KB 116ms
112ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/uploads/415/904/33/881/775/653.js?ver=2.12.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94de4f783ba7c57d7ce8932e3ef6b26f064e54d42c66ec30f43e5733a22faa7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:10:26 GMT
server: cloudflare
age: 361899
cf-polished: origSize=92993
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f64909f5b45bbbb-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 18:27:09 GMT

GET
H2 200 dtag.js Show response
cdn.attn.tv/paleohacks/ 3 KB
2 KB 164ms
59ms Script
text/javascript 2600:9000:2127:5e00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/paleohacks/dtag.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:5e00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Y4H_bTaFBWRi9GimSEzzR9Px4JwIrNub
content-encoding: gzip
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
date: Sun, 13 Aug 2023 22:58:23 GMT
x-amz-cf-pop: PRG50-C1
age: 27
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 Feb 2023 20:56:10 GMT
server: AmazonS3
etag: W/"d943f1634cc781ba4142fc11b4ba2cd4"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=120
x-amz-cf-id: T_pt9TSoCg5EylRPXjE4n-A7dvHEKoKX9fLrhpSVuAzdlMePjU3-8g==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 150ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c95177295b33675bd5c98332e83bd05b669dff217fd61dd19ecb2d18fdcbcd2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Aug 2023 22:58:49 GMT
content-md5: /RDQqCkx0SuaU2cpPbsZfA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: sAU0KnJwWhkxLa8gVQySMZYPzke78J32WM7zLqDCuKMUaAx4IphdSC1XdMMX/BXVd6E8bOSYp5m6uBY3QEbQhw==
x-fb-content-md5: 59592c234d076bea3710b062442e6a98
cross-origin-opener-policy: same-origin-allow-popups
etag: "210a815e4739b171396d59a11f0b22be"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 13 Aug 2023 23:10:06 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 217ms
107ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8df34eb5ba6fce70650937c2483ea2de6fabfce0d1a464c13da3af0de333cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28113
x-xss-protection: 0
server: cafe
etag: 916 / 19582 / m202308030102 / config-hash: 9566803040182507923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 22:58:49 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 101 KB
38 KB 204ms
94ms Script
text/javascript 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUG3G308

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

818c5c8303e1864eaeee7f50ec8b5eae3a1bae533d3077b43c388d43bd76e860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-mnt-h: 21-g4dd
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 13 Aug 2023 22:58:49 GMT
server: Apache
etag: "bf54ef4eb69da52fab2b2223c80f711a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-sdbt
timing-allow-origin: *
content-length: 38562
expires: Sun, 13 Aug 2023 23:03:49 GMT

GET
H3 200 logo.png
blog.paleohacks.com/wp-content/uploads/2015/10/ 2 KB
2 KB 101ms
91ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/10/logo.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
age: 537054
cf-polished: origFmt=png, origSize=1719
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1536
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:35:00 GMT
server: cloudflare
etag: "5dc6eab4-6b7"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28bf33a74-FRA
expires: Wed, 06 Sep 2023 17:47:55 GMT

GET
H3 200 cookbook-opt-in1.jpg
blog.paleohacks.com/wp-content/uploads/2015/08/ 15 KB
15 KB 101ms
91ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/08/cookbook-opt-in1.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
age: 362101
cf-polished: qual=85, origFmt=jpeg, origSize=19662
content-disposition: inline; filename="cookbook-opt-in1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15536
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:20:14 GMT
server: cloudflare
etag: "5dc6e73e-4cce"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28bf43a74-FRA
expires: Fri, 08 Sep 2023 18:23:47 GMT

GET
H3 200 beginners-book-143x150.png
blog.paleohacks.com/wp-content/uploads/2018/06/ 8 KB
9 KB 115ms
105ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/06/beginners-book-143x150.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
age: 1682485
cf-polished: origFmt=png, origSize=9206
content-disposition: inline; filename="beginners-book-143x150.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8628
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Nov 2019 01:55:00 GMT
server: cloudflare
etag: "5dc76df4-23f6"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28bf73a74-FRA
expires: Thu, 24 Aug 2023 11:37:24 GMT

GET
H3 200 Dry-vs-Dehydrated-Treatments.jpg
blog.paleohacks.com/wp-content/uploads/2016/07/ 54 KB
54 KB 742ms
733ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/07/Dry-vs-Dehydrated-Treatments.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7eefbcd3ff3357415aa7923cf3bdd685354269bf1be05d3711e77b0db9e32d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:50 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Nov 2019 18:01:11 GMT
server: cloudflare
etag: "5dc6fee7-d827"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28bf83a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 55335
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 265ms
157ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c2208c5318a29b0fb705d081edb6ff22949ff544bce045fd5b8b05c0b70c114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28124
x-xss-protection: 0
server: cafe
etag: 709 / 19582 / 31076944 / config-hash: 9566803040182507923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 22:58:49 GMT

GET
H2 200 leadbox-1556801631.js Show response
paleohacks.lpages.co/ 25 KB
7 KB 459ms
142ms Script
application/javascript 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://paleohacks.lpages.co/leadbox-1556801631.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

1838efd1e3c2c5105de4c7fcac86ce290c80fedb89d4131e1d990ff4a9d4e83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
strict-transport-security: max-age=15768000
content-encoding: br
server: Leadpages
etag: W/"4VIKFw"
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: application/javascript
cache-control: no-cache

GET
H3 200 Girl-drinking-water-e1465008203148.jpg
blog.paleohacks.com/wp-content/uploads/2016/06/ 37 KB
38 KB 674ms
666ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/06/Girl-drinking-water-e1465008203148.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 643bfb352ed5d2963800037eddc5386b836177703ef9319b68d8b90e1ebc6896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Nov 2019 17:51:38 GMT
server: cloudflare
etag: "5dc6fcaa-9528"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28bf93a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 38184
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 aloe-inexpensive.jpg
blog.paleohacks.com/wp-content/uploads/2016/07/ 31 KB
32 KB 664ms
655ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/07/aloe-inexpensive.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d89b26e99cfe7ad5a1e2d031a25d02d71aceb92d6578b55922040799dbac710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Nov 2019 18:03:37 GMT
server: cloudflare
etag: "5dc6ff79-7da7"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28bfa3a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 32167
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 Hyaluronic-acid.jpg
blog.paleohacks.com/wp-content/uploads/2016/07/ 24 KB
25 KB 654ms
646ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/07/Hyaluronic-acid.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffd9ceb54844f1a6800c24b87b30d1770fbc74b9dad31637b6a487f7e11c7031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Nov 2019 18:01:33 GMT
server: cloudflare
etag: "5dc6fefd-6172"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28bfb3a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24946
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 humidifier.jpg
blog.paleohacks.com/wp-content/uploads/2016/07/ 25 KB
25 KB 296ms
288ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/07/humidifier.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49c5d2055dbe6c02a4db8107cc4ca7f4660be1207bea0186374d5430647cd9c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Nov 2019 18:05:30 GMT
server: cloudflare
etag: "5dc6ffea-63b6"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28bfc3a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25526
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 coffee-and-alcohol.jpg
blog.paleohacks.com/wp-content/uploads/2016/07/ 61 KB
61 KB 403ms
395ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/07/coffee-and-alcohol.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc3707cf7ca24e2c53845265949af4ba2d3e0321a15850eda7535af9e6115471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Nov 2019 18:04:28 GMT
server: cloudflare
etag: "5dc6ffac-f36c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28bfe3a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 62316
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 moisturize-with-oils.jpg
blog.paleohacks.com/wp-content/uploads/2016/07/ 24 KB
24 KB 631ms
623ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/07/moisturize-with-oils.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d16b3096152894da9540e7f1f5d908d906e1d7739731a350c049a626e0c3cd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Nov 2019 18:05:58 GMT
server: cloudflare
etag: "5dc70006-6069"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28bff3a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24681
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 topical-honey.jpg
blog.paleohacks.com/wp-content/uploads/2016/07/ 45 KB
45 KB 749ms
740ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/07/topical-honey.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a209db7abe7fb22fa70e8586572f09b80829da81a89dfcc1ee4132506d15b62d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:50 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Nov 2019 18:07:23 GMT
server: cloudflare
etag: "5dc7005b-b378"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c003a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 45944
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 harsh-cleaners.jpg
blog.paleohacks.com/wp-content/uploads/2016/07/ 34 KB
34 KB 650ms
642ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/07/harsh-cleaners.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1e6835411646996e70a522387d1dc1a3f649e23dea9716c733ca3e43c9f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Nov 2019 18:05:19 GMT
server: cloudflare
etag: "5dc6ffdf-8618"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c013a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 34328
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 Dry-vs-Dehydrated-Treatments-info.jpg
blog.paleohacks.com/wp-content/uploads/2016/07/ 45 KB
45 KB 767ms
759ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/07/Dry-vs-Dehydrated-Treatments-info.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fa1b6a9b9523afaa550b74f38810b798e97a59b9c164ba67b4914c8dc493f50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:50 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Nov 2019 18:01:11 GMT
server: cloudflare
etag: "5dc6fee7-b45c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c023a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 46172
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 megan-patiry-200x200.jpg
blog.paleohacks.com/wp-content/uploads/2019/11/ 12 KB
12 KB 192ms
184ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2019/11/megan-patiry-200x200.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85e412768c5b8acd35ab72de250395dd232a9b37b6f2a229397a4ee74b1f322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: MISS
last-modified: Tue, 12 Nov 2019 03:13:23 GMT
server: cloudflare
etag: "5dca2353-3066"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c033a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12390
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 aloe-vera-e1459465541809.jpg
blog.paleohacks.com/wp-content/uploads/2016/03/ 63 KB
64 KB 418ms
410ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/03/aloe-vera-e1459465541809.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d7044491640c5d370f9a42167408db62fc24ffa29f0b58040df07777138c9e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Nov 2019 19:49:10 GMT
server: cloudflare
etag: "5dc5c6b6-fdc6"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c053a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 64966
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 Raspberry-Lemon-Swirl-Bars744.jpg
blog.paleohacks.com/wp-content/uploads/2016/07/ 69 KB
69 KB 414ms
406ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/07/Raspberry-Lemon-Swirl-Bars744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 285cf73c5e05e005d99708d895807383ba5f8f88ceae6cb091fc8e7d9601294f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Nov 2019 18:02:23 GMT
server: cloudflare
etag: "5dc6ff2f-1128c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c063a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 70284
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 3-DIY-Face-Body-Scrubs744.jpg
blog.paleohacks.com/wp-content/uploads/2018/01/ 105 KB
105 KB 772ms
764ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/01/3-DIY-Face-Body-Scrubs744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf8215e45f379b63425323398429061d3ae9350a0e5dcc675e2a7c48019361d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:50 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Nov 2019 01:03:41 GMT
server: cloudflare
etag: "5dc761ed-1a308"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c073a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 107272
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 welcome_background-b846349c1589482f22840fb8684601b7-550x413.jpg
blog.paleohacks.com/wp-content/uploads/2019/12/ 7 KB
8 KB 132ms
124ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2019/12/welcome_background-b846349c1589482f22840fb8684601b7-550x413.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87d0cc6bfa46d38da4abcbc18fb2d5c893c43add2ee2b0f04e0e805cf0455c3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
age: 71341
cf-polished: qual=85, origFmt=jpeg, origSize=80925
content-disposition: inline; filename="welcome_background-b846349c1589482f22840fb8684601b7-550x413.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7588
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Wed, 04 Dec 2019 21:01:19 GMT
server: cloudflare
etag: "5de81e9f-13c1d"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c083a74-FRA
expires: Tue, 12 Sep 2023 03:09:47 GMT

GET
H3 200 DIY-Skin-Firming-Night-Cream744.jpg
blog.paleohacks.com/wp-content/uploads/2018/05/ 60 KB
60 KB 133ms
125ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/05/DIY-Skin-Firming-Night-Cream744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac9539b6ef8138093d54518d316c0c1e154bdca5e65f2d3bf82ab3ea6e572f58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
age: 133
cf-polished: qual=85, origFmt=jpeg, origSize=77031
content-disposition: inline; filename="DIY-Skin-Firming-Night-Cream744.webp"
alt-svc: h3=":443"; ma=86400
content-length: 61254
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Nov 2019 01:37:33 GMT
server: cloudflare
etag: "5dc769dd-12ce7"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c0a3a74-FRA
expires: Tue, 12 Sep 2023 22:56:36 GMT

GET
H3 200 21-Skin-Firming-Collagen-Drinks-for-Glowing-Skin744.jpg
blog.paleohacks.com/wp-content/uploads/2018/04/ 57 KB
57 KB 744ms
737ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/04/21-Skin-Firming-Collagen-Drinks-for-Glowing-Skin744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e3082ac9be0c0a68fab5c0a3163d96bc63fe3cdcab1586f47c4bf1f56113f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:50 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Nov 2019 01:29:06 GMT
server: cloudflare
etag: "5dc767e2-e2ed"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c0b3a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 58093
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 Dry-Brushing-6-Amazing-Benefits-How-To-Do-It744.jpg
blog.paleohacks.com/wp-content/uploads/2018/06/ 43 KB
43 KB 767ms
759ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/06/Dry-Brushing-6-Amazing-Benefits-How-To-Do-It744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eda5c706167a9f28499ef545e40cdb6248e42e05aef57c52cc2584176a569dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:50 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Nov 2019 01:45:58 GMT
server: cloudflare
etag: "5dc76bd6-ac54"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c0c3a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 44116
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 Skin-Firming-Chocolate-Collagen-Fudge-Squares744.jpg
blog.paleohacks.com/wp-content/uploads/2018/05/ 39 KB
40 KB 170ms
163ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/05/Skin-Firming-Chocolate-Collagen-Fudge-Squares744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6d2bf98ba390942ed0ef88219651a9e8fb691b242057675f2bc6eebc7b51420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
age: 133
cf-polished: qual=85, origFmt=jpeg, origSize=44113
content-disposition: inline; filename="Skin-Firming-Chocolate-Collagen-Fudge-Squares744.webp"
alt-svc: h3=":443"; ma=86400
content-length: 40322
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Nov 2019 01:42:01 GMT
server: cloudflare
etag: "5dc76ae9-ac51"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c0d3a74-FRA
expires: Tue, 12 Sep 2023 22:56:36 GMT

GET
H3 200 Oil-Cleansing-for-Perfect-Skin744.jpg
blog.paleohacks.com/wp-content/uploads/2015/03/ 42 KB
43 KB 400ms
393ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/03/Oil-Cleansing-for-Perfect-Skin744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67443dc1fc8c2ff18fcedd8ec83f1a3fa78b594a2f5c70dde63a4fd899534ede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Jul 2018 15:17:24 GMT
server: cloudflare
etag: "5b50ab84-a995"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c0e3a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43413
expires: Tue, 12 Sep 2023 22:58:49 GMT

GET
H3 200 instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/12/ 10 KB
10 KB 191ms
184ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/12/instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0128e563cfdd4beabe1edf1488c57094072f85cec6219dd04a3fb2be5d37cf84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
age: 1483784
cf-polished: qual=85, origFmt=jpeg, origSize=13651
content-disposition: inline; filename="instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.webp"
alt-svc: h3=":443"; ma=86400
content-length: 10232
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Dec 2020 03:23:53 GMT
server: cloudflare
etag: "5fd2e649-3553"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c0f3a74-FRA
expires: Sat, 26 Aug 2023 18:49:05 GMT

GET
H3 200 Breadfruit-Flour-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/10/ 14 KB
14 KB 197ms
190ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/10/Breadfruit-Flour-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869d3767805b1c7b11b2df755e7cb769ee1b450553d87c374e19cb535a6afd2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
age: 1108286
cf-polished: degrade=85, origSize=19193, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 13929
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 20 Oct 2020 21:03:53 GMT
server: cloudflare
etag: "5f8f50b9-4af9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c103a74-FRA
expires: Thu, 31 Aug 2023 03:07:23 GMT

GET
H3 200 The-14-Day-Keto-Meal-Plan800-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/09/ 30 KB
31 KB 199ms
191ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/09/The-14-Day-Keto-Meal-Plan800-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e0e5db2674fb727b63871f299ea9f146ce45e3e3ed0c583f4ffdfb6fafb7ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
age: 318246
cf-polished: qual=85, origFmt=jpeg, origSize=36409
content-disposition: inline; filename="The-14-Day-Keto-Meal-Plan800-350x263.webp"
alt-svc: h3=":443"; ma=86400
content-length: 30954
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Thu, 17 Sep 2020 22:14:02 GMT
server: cloudflare
etag: "5f63dfaa-8e39"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c123a74-FRA
expires: Sat, 09 Sep 2023 06:34:43 GMT

GET
H3 200 The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.jpg
blog.paleohacks.com/wp-content/uploads/2019/03/ 73 KB
73 KB 210ms
202ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2019/03/The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 755313ac3cb953d818fd8f3344a3ebf9fd2101223dffa2278b5499e927f9a574

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
age: 318245
cf-polished: qual=85, origFmt=jpeg, origSize=109440
content-disposition: inline; filename="The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.webp"
alt-svc: h3=":443"; ma=86400
content-length: 74830
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 Nov 2019 20:19:53 GMT
server: cloudflare
etag: "5dc9c269-1ab80"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c133a74-FRA
expires: Sat, 09 Sep 2023 06:34:44 GMT

GET
H3 200 The-7-Best-Natural-Substitutes-for-White-Sugar744.jpg
blog.paleohacks.com/wp-content/uploads/2019/07/ 56 KB
56 KB 220ms
213ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2019/07/The-7-Best-Natural-Substitutes-for-White-Sugar744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c79fa1e22ae47fd00860dad5c471b16c686c8373b4767145929fc1ff1e2dba07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
age: 2071100
cf-polished: qual=85, origFmt=jpeg, origSize=83320
content-disposition: inline; filename="The-7-Best-Natural-Substitutes-for-White-Sugar744.webp"
alt-svc: h3=":443"; ma=86400
content-length: 57376
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 Nov 2019 19:28:12 GMT
server: cloudflare
etag: "5dc9b64c-14578"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c143a74-FRA
expires: Sat, 19 Aug 2023 23:40:29 GMT

GET
H3 200 9-Easy-Yoga-Poses-to-Reverse-Bad-Posture744.jpg
blog.paleohacks.com/wp-content/uploads/2018/05/ 45 KB
46 KB 236ms
229ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/05/9-Easy-Yoga-Poses-to-Reverse-Bad-Posture744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac69914e2139f8eddaee80cb7e3a59b78356cf4a9c638af0cc6f0c147471a455

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
age: 786272
cf-polished: qual=85, origFmt=jpeg, origSize=50376
content-disposition: inline; filename="9-Easy-Yoga-Poses-to-Reverse-Bad-Posture744.webp"
alt-svc: h3=":443"; ma=86400
content-length: 46494
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Nov 2019 01:36:34 GMT
server: cloudflare
etag: "5dc769a2-c4c8"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c163a74-FRA
expires: Sun, 03 Sep 2023 20:34:17 GMT

GET
H3 200 paleohacks-logo-black-1.png
blog.paleohacks.com/wp-content/uploads/2017/08/ 2 KB
2 KB 237ms
230ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2017/08/paleohacks-logo-black-1.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708970c58cd4f871a3f3ffb9309d7e696a537afd00fc7e0d78ccf21137032136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
age: 291298
cf-polished: origFmt=png, origSize=3119
content-disposition: inline; filename="paleohacks-logo-black-1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2012
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 20:01:17 GMT
server: cloudflare
etag: "5dc71b0d-c2f"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490a28c173a74-FRA
expires: Sat, 09 Sep 2023 14:03:51 GMT

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
461 B 213ms
40ms Script
application/javascript 2a02:26f0:3500:892::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:892::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=217
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 203

GET
H3 200 cookie-popup.js Show response
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 14 KB
3 KB 50ms
50ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-popup.js?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11715aec7f7cf76332d464d65a2ce85ed2c12fc4a90cadf0e191418af2df3d7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 294611
cf-polished: origSize=21011
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a26bcf3a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 13:08:37 GMT

GET
H3 200 jquery.base64.min.js Show response
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 2 KB
928 B 49ms
49ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/jquery.base64.min.js?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 351187
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a27bdb3a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 21:25:42 GMT

GET
H3 200 shared-counts.min.js Show response
blog.paleohacks.com/wp-content/plugins/Shared-Counts-develop/assets/js/ 2 KB
1 KB 60ms
49ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/Shared-Counts-develop/assets/js/shared-counts.min.js?ver=1.4.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79148d3b353f75f4b122ec75e03dd4470a1878599a5f148123f103cfdae350ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Oct 2019 15:03:04 GMT
server: cloudflare
age: 343217
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28be23a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 23:38:32 GMT

GET
H3 200 front.js Show response
blog.paleohacks.com/wp-content/plugins/other-popular-articles/assets/js/ 428 B
431 B 195ms
184ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/other-popular-articles/assets/js/front.js?ver=1691967527
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15d7b13e7c438f4fb9c6b2f9940e9193c9a25c1bb1ed4625d1badbac8882db2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Aug 2018 12:45:14 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28be33a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 20 Aug 2023 22:58:49 GMT

GET
H3 200 popup.js Show response
blog.paleohacks.com/wp-content/plugins/paleohacks-tools-soften-it/assets/js/ 2 KB
1 KB 197ms
186ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/paleohacks-tools-soften-it/assets/js/popup.js?ver=1691967527
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222e024a119ff514e245cc07990f912a400c337efce19b567a6661d23c310938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 13 Apr 2019 00:14:12 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28be43a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 20 Aug 2023 22:58:49 GMT

GET
H3 200 556.js Show response
blog.paleohacks.com/wp-content/uploads/415/578/public/assets/js/ 4 KB
1 KB 60ms
49ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/uploads/415/578/public/assets/js/556.js?ver=1.8.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4c6a39cdb1f2dab900d10c83275e2e72e795325924c731d8fa0c49b9ec5ccb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Jun 2021 13:10:26 GMT
server: cloudflare
age: 198097
cf-polished: origSize=5914
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28be53a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 18 Aug 2023 15:57:12 GMT

GET
H3 200 comment-reply.min.js Show response
blog.paleohacks.com/wp-includes/js/ 3 KB
1 KB 79ms
68ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/comment-reply.min.js?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 11:54:45 GMT
server: cloudflare
age: 383276
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28be63a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 12:30:53 GMT

GET
H3 200 hoverIntent.min.js Show response
blog.paleohacks.com/wp-includes/js/ 1 KB
713 B 79ms
68ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 11:54:45 GMT
server: cloudflare
age: 346847
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28be73a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 22:38:02 GMT

GET
H3 200 superfish.min.js Show response
blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/ 4 KB
2 KB 61ms
50ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:10:24 GMT
server: cloudflare
age: 280921
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28be83a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 16:56:48 GMT

GET
H3 200 skip-links.min.js Show response
blog.paleohacks.com/wp-content/themes/genesis/lib/js/ 386 B
442 B 60ms
50ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.3
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:10:24 GMT
server: cloudflare
age: 346847
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28be93a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 22:38:02 GMT

GET
H3 200 mai-theme.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 10 KB
3 KB 79ms
69ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-theme.min.js?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 351187
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28beb3a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 21:25:42 GMT

GET
H3 200 basic-scroll.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 10 KB
3 KB 62ms
51ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/basic-scroll.min.js?ver=3.0.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 346847
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28bec3a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 22:38:02 GMT

GET
H3 200 mai-scroll.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 4 KB
1 KB 100ms
89ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-scroll.min.js?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 346847
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28bed3a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 22:38:02 GMT

GET
H3 200 fitvids.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 2 KB
948 B 61ms
51ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids.min.js?ver=1.2.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 346847
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28bef3a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 22:38:02 GMT

GET
H3 200 fitvids-init.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 68 B
283 B 59ms
49ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids-init.min.js?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 346847
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28bf03a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 22:38:02 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 150ms
39ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?ver=20160428

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33938005cb281e0e6cc43620a4ceeada714e35377d95de4e311cf89b2a82cd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Aug 2023 22:58:49 GMT
content-md5: URbXHTlQZxq3uMD8VJHKIw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
x-fb-debug: mNhgiz0isMm3BZjtXzM25t9qXPKOFtMw1mkGu5MbeGokHvFU1eB6f7EQPSYL7K6aFUfbhIwRMw5E8NYGsaZqVw==
x-fb-content-md5: 1fbb4be1c95b524e24aaaa773ef3aa07
cross-origin-opener-policy: same-origin-allow-popups
etag: "29f677e19dbbbdb9c67f71692348ba2a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 13 Aug 2023 23:16:06 GMT

GET
H3 200 sspop.js Show response
blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/js/ 3 KB
1 KB 101ms
91ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/js/sspop.js?ver=20160428
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa0d6c798742eedb9be8babd47ebaaace2c45e45d1bb86a4b1bf55a827980b91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Aug 2018 12:45:14 GMT
server: cloudflare
age: 136915
cf-polished: origSize=4756
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28bf13a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Aug 2023 08:56:54 GMT

GET
H3 200 ea-share-count-support.js Show response
blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/js/ 3 KB
1 KB 101ms
91ms Script
application/javascript 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/social_share_popup/assets/js/ea-share-count-support.js?ver=10.9.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 337548e5a49f9b0543f04e26958548f23cf9914ba71aecc4de6005597dd7a910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Aug 2018 12:45:14 GMT
server: cloudflare
age: 485391
cf-polished: origSize=3949
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7f6490a28bf23a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 08:08:57 GMT

GET
H2 200 universal-script Show response
178194.tracking.hyros.com/v1/lst/ 0
0 378ms
119ms Script
text/javascript 35.169.181.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://178194.tracking.hyros.com/v1/lst/universal-script?ph=be1460aad6057c7a1655c8e1f69701db974993aa8c5a8087d36bd921dbbd93db&tag=!tracking
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.181.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-181-77.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 232 KB
83 KB 152ms
52ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fdc0768b7fd9802a34f8da85dd3c684200c839ac5239354f8d993c8b5c10d2a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84322
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Aug 2023 22:58:49 GMT

GET
H3 200 symbol-defs.svg
blog.paleohacks.com/wp-content/plugins/simple-social-icons/ 19 KB
8 KB 237ms
230ms Other
image/svg+xml 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/simple-social-icons/symbol-defs.svg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 May 2020 13:04:10 GMT
server: cloudflare
age: 1581436
etag: W/"5ebd41ca-4b81"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
cf-ray: 7f6490a28c1a3a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 25 Aug 2023 15:41:33 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 134ms
39ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options: nosniff
age: 168826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 00:05:03 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 307 KB
87 KB 42ms
42ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=92e9f684cc482cb3eca6c5e23094c7d5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a42e49f14bfc0b40393b43f5e10483665b442bed4226ddac38e02a6fb200f8f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Aug 2023 22:58:49 GMT
content-md5: cTk+H9Nk7BzlIqePzRrh/w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88675
x-fb-debug: 1aOon8X8NLbxngZyi3TPIaiDuVR0lTdZW0vvsHG6Vgrqjoj5+Bf50bWndhYuZS9ujSI/2/kUzcrxW2MRm87huQ==
x-fb-content-md5: b694c3ad7f2ece53e68f2d4d9e6017cd
cross-origin-opener-policy: same-origin-allow-popups
etag: "0e651e809aee12010865bf4d9ef1e753"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 12 Aug 2024 22:41:29 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/ 3 KB
2 KB 142ms
52ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/?random=1691967529601&cv=11&fst=1691967529601&bg=ffffff&guid=ON&async=1&gtm=45He3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&hn=www.googleadservices.com&frm=0&tiba=Dry%20Vs.%20Dehydrated%20Skin%3A%20The%20Difference%20%26%20Treatments&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03b0df87eee4f790c240ab1d6bc59ce2295ce8773146dbe4b54c4a41f634beb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 141ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Aug 2023 21:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4146
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 13 Aug 2023 23:49:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 13 Aug 2023 22:58:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47245
x-xss-protection: 0
pragma: public
x-fb-debug: IeyOQRQ+7LverExnyZFERejDBFDeUs4iFcfWHgtXMEN/qkeR9N9ixB8TvLw+SUkExbC67YDagzt1W6H0yAvqww==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 41ms
39ms Script
application/javascript 2a02:26f0:3500:892::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:892::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4390638e76d0b4b63b9c290db13a9ad38a82736135af43e86ee154491ccd2cd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "7dab9fb913eecdc09be06c97ce01ae2a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1471

GET
H2 200 jquery-3.5.1.min.js Show response
track.mypaleorecipe.com/js/ 87 KB
32 KB 141ms
48ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Nov 2021 03:31:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3355
etag: W/"15d86-5d052be3dfc43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8W2%2BLtWoJxYDi%2B0BR9yBuooC5WVX7IspY3ac5%2FR%2Bwd4NPo6RR%2BCHuY99Wg6zOr1dVF7vb1zqZvDo44%2FCF9X7qdzr4aJ4%2FiFq%2FFVNy05J6Lc1R%2FTJeHV6%2FEaEY2WW%2FbjCHixEx84J7FQrni0TnpkALMztcGrBlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f6490a4be1218cf-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 52 KB
18 KB 127ms
40ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 14:19:36 GMT
content-encoding: gzip
age: 31153
x-guploader-uploadid: ADPycdvO1UUAOPnsyyXMekT921gYeUd0POgkey30LBQ6qX0xfFkqEsyiuvzBGG5CYvJzGHYaXCzCpKCOHX1_gvHGJTifVfEgCHmQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17969
last-modified: Fri, 05 May 2023 17:33:19 GMT
server: UploadServer
etag: "6eb612a000fc103e2769e576a68fc412"
vary: Accept-Encoding
x-goog-generation: 1683307999305716
x-goog-hash: crc32c=6XUl6A==, md5=brYSoAD8ED4naeV2po/EEg==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=86400
x-goog-stored-content-length: 17969
accept-ranges: bytes
expires: Mon, 14 Aug 2023 14:19:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
87 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3065dea2a26b0929e91fae8e967374aac27b98fa39c302f4ae892b362f6c1ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89042
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 13 Aug 2023 22:58:49 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/ 400 KB
127 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 19:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14089
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129487
x-xss-protection: 0
server: cafe
etag: 4885750571797100496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 12 Aug 2024 19:04:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 136ms
39ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=510626776365517&ev=fb_page_view&dl=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&rl=&if=false&ts=1691967529639&sw=1600&sh=1200&at=

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 13 Aug 2023 22:58:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 main.04e94784.js Show response
s.pinimg.com/ct/lib/ 63 KB
18 KB 40ms
39ms Script
application/javascript 2a02:26f0:3500:892::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.04e94784.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:892::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fd386afa44d059e6ca715a93b137ed3f3129d0256ee732ce7f7379646daebd87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "8bc4eba10054ba07ad4e64b48e81a0a8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18136

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 135ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QMKQQWEFHC&gtm=45je3890&_p=1298519277&_gaz=1&cid=1384739232.1691967530&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691967529&sct=1&seg=0&dl=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&dt=Dry%20Vs.%20Dehydrated%20Skin%3A%20The%20Difference%20%26%20Treatments&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 153ms
49ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QMKQQWEFHC&cid=1384739232.1691967530&gtm=45je3890&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 145ms
51ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QMKQQWEFHC&cid=1384739232.1691967530&gtm=45je3890&aip=1&z=436811531

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 405752247076167 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 46ms
45ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/405752247076167?v=2.9.123&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d208e58d78460c136ccffd216d0785beab49bf2ac0ed23851ea622241ce9e677

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 13 Aug 2023 22:58:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89246
x-xss-protection: 0
pragma: public
x-fb-debug: fCjbPW5Gu8wHjjq+dWurol7uaQF45lbOglhua0sbtiomeOxfNYNnS/LZejkf9g7RFrEdUZgck47oNrjRYDQrjQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 160 KB
44 KB 1377ms
1377ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2789975722667140&correlator=3352533978332853&eid=31076625%2C31076868%2C31076923&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fifs&iu_parts=55892584%2CPH300x2502%2CPHBlog300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1691967529785&lmt=1691960329&adxs=-9%2C1100&adys=-9%2C1505&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&frm=20&vis=1&psz=0x-1%7C300x250&msz=0x-1%7C300x-1&fws=2%2C4&ohw=0%2C1600&ga_vid=1384739232.1691967530&ga_sid=1691967530&ga_hid=1298519277&ga_fc=true&dlt=1691967528793&idt=972&adks=79842087%2C1706127594

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dfadec2fc0e69d74d56a705198080d59e6581a6730093e356f8cee9b801991e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45355
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8FD2 6 KB
3 KB 168ms
49ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 22:58:49 GMT
expires: Mon, 12 Aug 2024 22:58:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 568 B
616 B 172ms
70ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2615989242318&cb=1691967529797&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.04e94784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pin-unauth: dWlkPVltRmxaRFU1WldZdFlqaGlOeTAwTmpFMkxUazRaRFV0WWpnMk9ERTNaVEJpTURZeA
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Sun, 13 Aug 2023 22:58:49 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-pinterest-rid: 6544963996145503
content-length: 385
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/955239029/ 42 B
455 B 144ms
53ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/955239029/?random=1691967529601&cv=11&fst=1691964000000&bg=ffffff&guid=ON&async=1&gtm=45He3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&frm=0&tiba=Dry%20Vs.%20Dehydrated%20Skin%3A%20The%20Difference%20%26%20Treatments&fmt=3&is_vtc=1&random=2444098828&rmt_tld=0&ipr=y

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/955239029/ 42 B
154 B 84ms
52ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/955239029/?random=1691967529601&cv=11&fst=1691964000000&bg=ffffff&guid=ON&async=1&gtm=45He3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&frm=0&tiba=Dry%20Vs.%20Dehydrated%20Skin%3A%20The%20Difference%20%26%20Treatments&fmt=3&is_vtc=1&random=2444098828&rmt_tld=1&ipr=y

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
247 B 159ms
67ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2615989242318&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2204e94784%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1691967529807
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:49 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 9203904005441328
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 808
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 13 Aug 2023 23:45:21 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
224 B 47ms
47ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1298519277&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&ul=en-us&de=UTF-8&dt=Dry%20Vs.%20Dehydrated%20Skin%3A%20The%20Difference%20%26%20Treatments&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEAjAAAAACAAI~&jid=125181621&gjid=675513829&cid=1384739232.1691967530&tid=UA-42752472-1&_gid=1610327124.1691967530&_r=1&_slc=1&gtm=45He3890n81TJTDCJG&cd1=health&cd2=July%2028%2C%202016&cd3=Megan%20Patiry&cd5=health-2%2Cskin-care&z=417737109

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a3c6048948c57aae55beef92d5a18abce757ad2783354a2eda068b14798e5a75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 can-i-show.js Show response
paleohacks.lpages.co/static/all/js/ 21 B
212 B 141ms
140ms Script
application/javascript 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://paleohacks.lpages.co/static/all/js/can-i-show.js

Requested by

Host: paleohacks.lpages.co
URL: https://paleohacks.lpages.co/leadbox-1556801631.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

5517acae2f83cb92cf756a98d0f93e094084763764a615d3c60f4a0ffa5d38da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
strict-transport-security: max-age=15768000
content-encoding: br
server: Leadpages
etag: W/"4VIKFw"
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: application/javascript
cache-control: no-cache

GET
H2 200 smtr Show response
contextual.media.net/ 77 KB
29 KB 334ms
333ms Script
text/javascript 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?ule=487&&bc=8*KZO803CW-g7u*G60%24LGxs4x4stLQ49.s_wtxs.&kkdd=A3%7C!%7CAnH*hW3u9&q*=xs4x4stLQ49.s_wtxs.&eZVT=x&C6Vu=.&76bg=5QQ9&b*Z=wmBl_l_.w&bVbZ=jrKrbP2KpnqrqtV8rMS!M2%3D%3D&bT*Z=tQssLtQLw&6*fg=_..1QL.&bb=-~&6b=UF&y77V6=x&TgvaTG=y77V6%3A%2F%2FcGOe0VuGgOyub!60bOC%2FZThDq6DZgyhZTu7gZD6!*K%2F%3FCVbuCVu*eK*Z%3Dx..sx__4&K6g=L&G8=x&aeZ=9&*8=xs..&!77Gg=-Th%20p6%20-gyhZTu7gZ%20J!*K%3A%20ryg%20-*zzgTgKbg%20%26%20rTgu7CgK76&Cbz=w9_sQ&Ve*Z=VxsQLx999Q7Q.Q_.wx_QQLw&Kc=x&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUG3G308

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

68ecba078ab3e2da62ce4574f90f7fc83e6dd0e68bf04ad1726d44468e6db9b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 22-e1v1
content-length: 29614
expires: Sun, 13 Aug 2023 22:58:50 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 83EA 15 KB
6 KB 93ms
93ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CUG3G308&https=1&itype=CM

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

50d434eb90776c8fbb4f0e0cbcb2c1ad299bffe0a1930e587cc0347be64bb839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 5917
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 22:58:49 GMT
expires: Tue, 15 Aug 2023 22:58:49 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK bping.php
lg3.media.net/ 35 B
338 B 151ms
42ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=579&&vgd_cdv=1047&vgd_cage=3&vgd_tsce=L224&vgd_mcf=84362&gdpr=1&mspa=0&prid=8PRHGG6T9&cid=8CUG3G308&crid=726657258&vi=1691967529406387160&ugd=4&lf=6&cc=DE&sc=BY&lper=100&wsip=170785111&r=1691967529832&requrl=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=201011&vgd_rakh=1691967529163581770&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p162514442t202308132258&vgd_pgids=1&vgd_uspa=0&hvsid=00001691967529828013588907522441&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Sun, 13 Aug 2023 22:58:49 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 13 Aug 2023 22:58:49 GMT

GET
H2 200 jquery.cookie.js Show response
track.mypaleorecipe.com/js/ 2 KB
1 KB 55ms
53ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/jquery.cookie.js?v=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3355
cf-polished: origSize=3254
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 09 Nov 2021 03:31:23 GMT
server: cloudflare
etag: W/"cb6-5d052be67bb4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJfQB%2BAkrfMzFkIZrFx8o2tKQrNQS9hYmG%2F%2BpnMtz804ht21B5j8BadS3s%2BA0jtfSsr4UzDG7YtlMnRnNtATD92jE1mzVY0d1FZIJ2m5Vy8ocWaJQkbXzVS%2FGibeh6mRMrpvo5gOXec8NJGjdn8S9TWAlB9MHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f6490a5cece18cf-FRA

OPTIONS /
api.ipify.org/ Frame 0
0

GET /
api.ipify.org/ 0
0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 50ms
48ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42752472-1&cid=1384739232.1691967530&jid=125181621&gjid=675513829&_gid=1610327124.1691967530&_u=YADAAEAiAAAAACAAI~&z=647214099

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 13 Aug 2023 22:58:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
85 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49044643b4fe027dea5a7ca6abc8161d0f5fec5980dc1e66cbcd0762d4c182c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 13 Aug 2023 22:58:49 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 46ms
46ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1298519277&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&ul=en-us&de=UTF-8&dt=Dry%20Vs.%20Dehydrated%20Skin%3A%20The%20Difference%20%26%20Treatments&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEAjBAAAACAAI~&jid=925071799&gjid=877183944&cid=1384739232.1691967530&tid=UA-81910700-1&_gid=1610327124.1691967530&_slc=1&gtm=45He3890n81TJTDCJG&z=248996485

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 49ms
48ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-81910700-1&cid=1384739232.1691967530&jid=925071799&gjid=877183944&_gid=1610327124.1691967530&_u=aCDAiEAjBAAAAGAAI~&z=588218433

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 13 Aug 2023 22:58:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 16 KB
3 KB 960ms
956ms XHR
application/json 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php

Requested by

Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

b7eacd311c7864316020996ac805efb086bc5f9982ab93fd02032eb83450d31f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 13 Aug 2023 22:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.3.23
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/json; charset: utf-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 7f6490a62efc3a74-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 comments.php
www.facebook.com/v4.0/plugins/ Frame D8A6 0
0 71ms
71ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df300d8f9d943738%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff11b12a4ed9e36c%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=92e9f684cc482cb3eca6c5e23094c7d5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 13 Aug 2023 22:58:49 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: ikPZJ5vWjq3Gv9+dlxnrCDfn9hnDy1J+vixWtfHt/IeVeZN/HtisdcNxUsb7BXZB21ubYenBiPArjqZ2hieMjQ==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/v4.0/plugins/ Frame 50E5 0
117 B 70ms
70ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c0d8d451918e%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff11b12a4ed9e36c%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=92e9f684cc482cb3eca6c5e23094c7d5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 13 Aug 2023 22:58:49 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: lRJFr1IoIG0+H5/+Aqay+l1YpwNsKIPVnmPF3I3euYtqJO9g4LzhG7NboqJbGc4ukYonraXDPqP8rykpXL6Q/A==
x-xss-protection: 0

GET
H2 404 / Show response
paleohacks.lpages.co/leadbox/144718873f72a2%3A13300845e746dc/5765867027562496/ Frame 87FC 12 KB
4 KB 567ms
567ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.lpages.co/leadbox/144718873f72a2%3A13300845e746dc/5765867027562496/?lp-in-iframe=1&mpcampaignid=10061339&__fromjs=1
Requested by: Host: paleohacks.lpages.co
URL: https://paleohacks.lpages.co/leadbox-1556801631.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.21.202.35.bc.googleusercontent.com
Software: Leadpages /
Resource Hash: c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Sun, 13 Aug 2023 22:58:50 GMT
server: Leadpages
vary: Accept-Encoding

GET
H2 404 / Show response
paleohacks.lpages.co/leadbox/144718873f72a2%3A13300845e746dc/5765867027562496/ Frame C985 12 KB
4 KB 633ms
632ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.lpages.co/leadbox/144718873f72a2%3A13300845e746dc/5765867027562496/?lp-in-iframe=1&mpcampaignid=10061339&__fromjs=1
Requested by: Host: paleohacks.lpages.co
URL: https://paleohacks.lpages.co/leadbox-1556801631.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.21.202.35.bc.googleusercontent.com
Software: Leadpages /
Resource Hash: c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Sun, 13 Aug 2023 22:58:50 GMT
server: Leadpages
vary: Accept-Encoding

GET
H2 200 unified-tag.js Show response
cdn.attn.tv/tag/4-latest/ 119 KB
40 KB 65ms
65ms Script
application/javascript 2600:9000:2127:5e00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/paleohacks/dtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:5e00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1222ceb8785b6542345167cb0dc4ec3c26b1d71ccf441ad9838946324e108e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: H7hHJY1niouN.2MukhXqg0ouCnuhlMya
content-encoding: gzip
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
date: Sun, 13 Aug 2023 22:58:49 GMT
x-amz-cf-pop: PRG50-C1
age: 21
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Aug 2023 21:05:19 GMT
server: AmazonS3
etag: W/"d49c50c39e01a4b178bbb54010868426"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
x-amz-cf-id: 2aycCwT6bj3EfbzPuoxZPnkB15kgIGEptnTOv1B_BYxOA2tkEgmFVw==

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 41ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=405752247076167&ev=PageView&dl=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&rl=&if=false&ts=1691967529954&sw=1600&sh=1200&v=2.9.123&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1691967529952.1468753089&it=1691967529760&coo=false&tm=1&rqm=GET

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 13 Aug 2023 22:58:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 41ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=405752247076167&ev=PageView&dl=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&rl=&if=false&ts=1691967529955&sw=1600&sh=1200&v=2.9.123&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1691967529952.1468753089&it=1691967529760&coo=false&rqm=GET

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 13 Aug 2023 22:58:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 41ms
41ms Script
application/javascript 2a02:26f0:3500:892::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.4591882549424193
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:892::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=293
accept-ranges: bytes
content-length: 18679

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 45ms
44ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1298519277&t=event&ni=Yes&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&ul=en-us&de=UTF-8&dt=Dry%20Vs.%20Dehydrated%20Skin%3A%20The%20Difference%20%26%20Treatments&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=leadbox&ea=show&el=Skin%20Care%20Lead%20Magnet&_u=aCDACEAjBAAAAGAAI~&jid=&gjid=&cid=1384739232.1691967530&tid=UA-42752472-1&_gid=1610327124.1691967530&gtm=45He3890n81TJTDCJG&z=1627130847

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 00:56:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79356
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 53ms
51ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42752472-1&cid=1384739232.1691967530&jid=125181621&_u=YADAAEAiAAAAACAAI~&z=808822944

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 52ms
52ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42752472-1&cid=1384739232.1691967530&jid=125181621&_u=YADAAEAiAAAAACAAI~&z=808822944

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 2 KB
847 B 1144ms
1144ms XHR
text/html 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php?action=display_popular_articles&_=1691967529862

Requested by

Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

a9b1746c47e90b996aef35bc66950b04461453f2bc6e5eeb89bc7629bc447dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.23
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 7f6490a66f2e3a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 /
blog.paleohacks.com/dry-vs-dehydrated-skin/ 30 KB
30 KB 1753ms
1753ms Image
text/html 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.23
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.23
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: max-age=0
cf-ray: 7f6490a66f2f3a74-FRA
link: <https://blog.paleohacks.com/wp-json/>; rel="https://api.w.org/", <https://blog.paleohacks.com/wp-json/wp/v2/posts/40033>; rel="alternate"; type="application/json", <https://blog.paleohacks.com/?p=40033>; rel=shortlink
alt-svc: h3=":443"; ma=86400
expires: Sun, 13 Aug 2023 22:58:50 GMT

GET
H3 200 Hind-Regular.woff2
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/hind/ 93 KB
93 KB 51ms
50ms Font
application/octet-stream 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/hind/Hind-Regular.woff2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5891185bbadfceb49591b012abeeea967dca978a653930a6ca23863d9a3f4c92

Request headers

Referer: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.12
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 1083818
vary: Accept-Encoding,User-Agent
cache-control: max-age=2592000
cf-ray: 7f6490a66f303a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Aug 2023 09:55:11 GMT

GET
H3 200 Montserrat-SemiBold.woff2
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/montserrat/ 79 KB
79 KB 50ms
50ms Font
application/octet-stream 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/montserrat/Montserrat-SemiBold.woff2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a6d3380cf89ad6b678478ccb347dc3ddeadcf7ca344bfc842424aaf7bfd025

Request headers

Referer: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=5.5.12
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:49 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 362099
vary: Accept-Encoding,User-Agent
cache-control: max-age=2592000
cf-ray: 7f6490a66f313a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Sep 2023 18:23:50 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 53ms
53ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-81910700-1&cid=1384739232.1691967530&jid=925071799&_u=aCDAiEAjBAAAAGAAI~&z=1585485459

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 50ms
50ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-81910700-1&cid=1384739232.1691967530&jid=925071799&_u=aCDAiEAjBAAAAGAAI~&z=1585485459

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 main.js Show response
track.mypaleorecipe.com/js/ 3 KB
1 KB 575ms
573ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/main.js?v=1.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 09 Nov 2021 03:31:21 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4494
etag: W/"118e-5d052be46686b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlvqX68AvN0NUleIaFX99Y500d1welIP6ir5%2FTP%2BDWaUi%2FuaoOJeNwlCJIR7cin5gLki%2Fgg%2FeJnlvHHvrwIbTiXGaFbYSrPhfpzBFm2ZmIGjpOXi7gHoKY36wmV336TLi9V2GCr3R4QvOIiuGmkQ6O35YlJjiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f6490a6abf2694f-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RWB4GYKC4G&_ono=1&gtm=45je3890&_p=1298519277&_gaz=1&ul=en-us&sr=1600x1200&cid=1384739232.1691967530&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&dt=Dry%20Vs.%20Dehydrated%20Skin%3A%20The%20Difference%20%26%20Treatments&sid=1691967530&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=health&ep.ua_dimension_2=July%2028%2C%202016&ep.ua_dimension_3=Megan%20Patiry&ep.ua_dimension_5=health-2%2Cskin-care
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 49ms
48ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-RWB4GYKC4G&cid=1384739232.1691967530&gtm=45je3890&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 52ms
52ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-RWB4GYKC4G&cid=1384739232.1691967530&gtm=45je3890&aip=1&z=1564551525

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
paleohacks.attn.tv/d/ 5 B
257 B 530ms
419ms Fetch
application/json 104.18.25.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.attn.tv/d/?attn_vid=425b64f38d5a4889b919e086dcc153fb
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:50 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
cf-ray: 7f6490a858c1914c-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 e
events.attentivemobile.com/ 0
160 B 245ms
139ms Ping
text/plain 104.18.9.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.25.1_d124c336df&pd=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&u=425b64f38d5a4889b919e086dcc153fb&c=paleohacks&ceid=UsU&lt=1691967530167&tag=modern&cs=3912930009&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1691967530172
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain;charset=UTF-8
x-envoy-upstream-service-time: 4
cf-ray: 7f6490a85b681c07-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 paleohacks.attn.tv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ 0
384 B 434ms
433ms Script
text/javascript 2600:9000:2127:5e00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/paleohacks.attn.tv.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:5e00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
date: Sun, 13 Aug 2023 06:11:57 GMT
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 60416
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: sKVCNdhQcCxeBkXwGLhqU_qu_zxV0wYFxqe0imW3xRvPpowaLFtWfg==

GET
H2 200 1x1.gif
contextual.media.net/__media__/pics/800028474/ Frame 9F9B 42 B
198 B 43ms
43ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/__media__/pics/800028474/1x1.gif

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:50 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 04 Jun 2018 10:04:19 GMT
server: Apache
content-type: image/gif
cache-control: max-age=665307
accept-ranges: bytes
content-length: 42
expires: Mon, 21 Aug 2023 15:47:17 GMT

GET
DATA 200
OK truncated
/ Frame 9F9B 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9F9B 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bullet8.woff
contextual.media.net/__media__/fonts/bullet8/ Frame 9F9B 2 KB
2 KB 122ms
43ms Font
font/woff 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/bullet8/bullet8.woff

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

53270b71935310d01091c385fb610d324d59e3cb15354e98762445f658cb64bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:50 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1708
expires: Mon, 14 Aug 2023 22:58:50 GMT

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame 9F9B 15 B
324 B 41ms
40ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=3890&&vgd_canary=0&vgd_l2type=scs_newfl&fp=apuRvDLAtBkB00__Cmkal3KFrsnGCYd4VsEPJ59Tez9hVFartwcufxw1ABPe-E5QVqxKxC41iJ-FD7b92UBvEhqN61p8kUQY5Uu_AN6xAIF_AfOaHQSzdXJNtLBJdR48r_m5xkcWXSPeGv5z6m_0Jg%3D%3D&cme=0ZtT1_FO9fW0yXZCevTMeinKzeuWCoQii-yHW5hjiqcaBwdZ_jUA9x6KFQfP30rGGCnekhzxiE0l9xayLHWGwysdffo3MH8k120GlPRGzsTEB5eNC63d9KxSIsYABi10yRlw3YFql8Be3LvA-rVfcHZAHxtfbKQAbpGCmKAuQfHg4m7r3QeFBxZ1ZUCBqsKR0_utBYTKlivHovP-b60kjM1T07Z90Ax10XhRaKGThBGKruohisKwmC_AKWEhKY01NQtIK6GAapCaGbelK_wyCKJChAbhHo3xxhzzfyngzxsCZ2sdIT1i1FbByS7RUSV0%7C%7CKOA2tkfoPlCxJ92iUGwOAJF-FU3JoeM41kAOPvwAVOiuZCXsApE1f2sSYYCbZX8yrlGGv9WgeBAdHKNcOmzgJ46JmeLXwGZVBilfFVX1ydg%3D%7CPjh0G0G2IrOwcgU9gOyssfaKVgAr1zTklc88w3BqyKwHRs3KN68uYkEJGQneo40xgG37oeK3Sjm8DOvF2-_viKRnJgI9ia-dwRK1jBxnRtc%3D%7CpxZi6nj8YL3czU55JHRnrSMnXCMXpIZQ3Gi1rX0v3RYpX15e4AcKeJ5VycgL9X8EBJB0nzJ5_AgiIK4BCrI4RwplvAu5DghUAl5MZjbgShnpAJqefWGmDJLzccr-xx67QSii0tA-8AMVDMG5RN_B9yPlqkjVApw0L0AKI9j3M7xeb43xOmpdiYzF9HcJhBFyip0Bog6rqcw8azqtvoIi29vsmE1uVAeNJQXZsR-3Uc3ignAANztCoGVj7h6qhc7Os7uSh9-0E6133qqUv1xl5Q%3D%3D%7C&ksu=224&fdkt=423&vgde_kbbh=ffoyxQJuO&kwd[]=Best+Hydrating+Moisturizers+for+Face&kwt[]=423&kbc[]=1262517365&kwp[]=1&kid[]=350909279&kbc2[]=3%3D0.35%7C4%3D1.00%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cokt%3D423%7Cbkt%3D423%7Cps%3D1.071&ktd[]=274894815488&kwd[]=Buy+Best+Moisturizers+for+Aging+Skin&kwt[]=423&kbc[]=1262074113&kwp[]=2&kid[]=350709677&kbc2[]=3%3D0.21%7C4%3D1.00%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cokt%3D423%7Cbkt%3D423%7Cps%3D1.071&ktd[]=824650629376&kwd[]=Home+Remedies+for+Dry+Skin&kwt[]=423&kbc[]=1262074113&kwp[]=3&kid[]=13934105&kbc2[]=3%3D0.17%7C4%3D1.00%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cokt%3D423%7Cbkt%3D423%7Cps%3D1.071&ktd[]=274911592704&kwd[]=5+Ways+to+Get+Rid+of+Dry+Skin&kwt[]=423&kbc[]=1262074113&kwp[]=4&kid[]=353584843&kbc2[]=3%3D0.37%7C4%3D1.00%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cokt%3D423%7Cbkt%3D423%7Cps%3D1.071&ktd[]=274894815488&v=1&gdpr=1&geo=52.52%7C13.41&dlper=25&lper=100&lpid=&tsid=1&hint=&cc=DE&wsip=170774887&bca=0&ugd=4&vgde_setid=Nff&cid=8CUG3G308&vi=1691967529406387160&vsid=DefVid&tdAdd[]=asnum%3D201011&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=1010&vgd_implt=3&vgd_cage=3&vgd_tsce=L224-S224&vgd_l3_sc=BY&vgd_chost=contextual.media.net&vgd_katid=807890590&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10002%7C%7Cpt%3D1%7C%7Clmid%3DvDef%7C%7Cctr%3D0.002%7C%7Crpc%3D0.358%7C%7Cttd%3D8&vgd_kalog=SI%3D3299%7C%7CMI%3D3299%7C%7CSID%3D8%7C%7CHID%3D0%7C%7CMPTD%3D128%7C%7CTPTD%3D150457034855497602564%7C%7CCI%3D3299%7C%7CUUID%3Dr7Fnl5w3HTjCFqlz8C%7C%7CTLID%3D6&vgd_pdtid=1&vgd_nrrv=13243&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=berlin&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&pid=8PO52G640&sttm=1691967529828&upk=1691967530.7685&hvsid=00001691967529828013588907522441&verid=3121199&vgd_l1rakh=1691967529163581770&vgd_isiolc=1&abpl=2&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D201011&vgd_mcf=84362&vgd_vstrid=DefVid&vgd_icat=635&vgd_spcat=500896&vgd_cfud=220419&vgd_scsver=165&vgd_optout=0&vgd_l2shld=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fdmedianet.js&vgd_lbt=200&vgd_btm=%7B%22SPAMPXL%22%3A%221%22%2C%22URLDC%22%3A%221%22%7D&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A302%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200&vgd_uspa=0&vgd_sc=BY&vgd_l1rhst=contextual.media.net&hvsid=00001691967529828013588907522441&rc=0&rand=1691967530201&matm=1691967530201&requrl=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&vgd_x_pos=1062&vgd_y_pos=377&vgd_ren_page_h=12427&vgd_ltimesrc=2&vgd_ltime=510&vgd_rtime=386&vgd_etm=6&vgd_l1hcsd=Og4dd%7C5295&vgd_l1ch=1&vgd_lhl=1246&vgd_pgid=p162514442t202308132258&vgd_sbSup=0&vgd_nrrs=13243&vgd_cdv=1047&vgd_cntrdt=AS%7CDIV-726657258%7CDIV-paleo-740493111&vgd_eadm=1&vgd_end=1

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Sun, 13 Aug 2023 22:58:50 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 15
Expires: Sun, 13 Aug 2023 22:58:50 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4888 0
18 B 40ms
40ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://blog.paleohacks.com
Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://blog.paleohacks.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 22:58:50 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 css2
fonts.googleapis.com/ Frame 87FC 9 KB
858 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: paleohacks.lpages.co
URL: https://paleohacks.lpages.co/leadbox/144718873f72a2%3A13300845e746dc/5765867027562496/?lp-in-iframe=1&mpcampaignid=10061339&__fromjs=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a63284d0b07236a49f89dd197f9aa2ea595e314e750b5d42834fbda2f7cba411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paleohacks.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 22:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 21:12:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 22:58:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame C985 9 KB
835 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: paleohacks.lpages.co
URL: https://paleohacks.lpages.co/leadbox/144718873f72a2%3A13300845e746dc/5765867027562496/?lp-in-iframe=1&mpcampaignid=10061339&__fromjs=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a63284d0b07236a49f89dd197f9aa2ea595e314e750b5d42834fbda2f7cba411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paleohacks.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 22:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 22:50:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 22:58:50 GMT

GET
H3 200 createVisitor Show response
track.mypaleorecipe.com/api/ 9 B
711 B 684ms
640ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createVisitor
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 8db66be4622d44dabf5b23e0701217d2c0134ff49172c7bc3a69ccc6305c6938

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRWOXmkTZLINXIUkfkB%2BSZsq2jYoTXp78r0VPDMxmcx58nwR6prdn3IWJAJs6gXP1OYB1DRyX1W4n7LnZoNMjpSisENsytND4vnoOYjdEa5LKbYy1O7xQigr8vWcQZMMUAPjAYGWA37LS3iiSnLkoR3mbk%2BC8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 7f6490aa9e173608-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 204 unrenderedCreative
paleohacks.attn.tv/ 0
0 436ms
436ms Fetch 104.18.25.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.attn.tv/unrenderedCreative?v=4.25.1&r=&id=425b64f38d5a4889b919e086dcc153fb&pv=1&l=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&w=1600&h=1200&ss_ref=ORGANIC&m=marketing&m=live-sms&m=backInStock&m=topBar&f=2
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 13 Aug 2023 22:58:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 16
cf-ray: 7f6490aa8ad1914c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
27 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/uploads/415/904/33/881/775/653.js?ver=2.12.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95c18c65e5a96cb0dd4ccc52832d3e99e98fd39933f8e95adb94507c5cc62d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28124
x-xss-protection: 0
server: cafe
etag: 503 / 19582 / 31076940 / config-hash: 9566803040182507923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 22:58:50 GMT

GET
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 1 KB
938 B 808ms
806ms XHR
text/html 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php?action=show_optin_async&post_id=40033&_=1691967529863

Requested by

Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

78d51876e19ed55833c73a4994bf979c4a40d4f028547ba81437b2b57eed120d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.23
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 7f6490acbc4a3a74-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 278 KB
50 KB 1430ms
1430ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2789975722667140&correlator=3352533978332853&eid=31076625%2C31076868%2C31076923&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fifs&iu_parts=55892584%2Cdesktopfooter%2Cph_widebanner%2Csitefooterbanner%2CPaleohacksSidebarBanner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C970x250%7C728x90%2C970x250%7C728x90%2C300x250%7C300x600&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1691967531008&lmt=1691960331&adxs=0%2C315%2C315%2C1062&adys=1110%2C341%2C12393%2C2959&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C2%7C3&ucis=3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&frm=20&vis=1&psz=728x-1%7C1600x0%7C1600x0%7C302x0&msz=728x-1%7C1600x0%7C1600x0%7C302x0&fws=516%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=1384739232.1691967530&ga_sid=1691967530&ga_hid=1298519277&ga_fc=true&dlt=1691967528793&idt=972&adks=2912191614%2C3129430941%2C2355259855%2C698452367

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9771d928e37f1954111a1f3a72c184b97317783c06ec2b7ecd9f28863edea77f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51591
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 How-to-Carb-Cycle-for-Fat-Loss744.jpg
blog.paleohacks.com/wp-content/uploads/2018/06/ 64 KB
64 KB 50ms
50ms Image
image/webp 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/06/How-to-Carb-Cycle-for-Fat-Loss744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97a24ab2121a3edfe321439c72a3895c337c957632c8d6d9f112c4c1e944eba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:51 GMT
cf-cache-status: HIT
age: 54322
cf-polished: qual=85, origFmt=jpeg, origSize=78072
content-disposition: inline; filename="How-to-Carb-Cycle-for-Fat-Loss744.webp"
alt-svc: h3=":443"; ma=86400
content-length: 65332
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Nov 2019 01:49:10 GMT
server: cloudflare
etag: "5dc76c96-130f8"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490adace33a74-FRA
expires: Tue, 12 Sep 2023 07:53:28 GMT

GET
H2 200 /
log.pinterest.com/ 0
237 B 74ms
68ms Image
text/plain 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=LNyqWnxmi3Uv&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F&viaSrc=canonical
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 13 Aug 2023 22:58:51 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-pinterest-rid: 5778038047789406
content-length: 0
x-served-by: cache-fra-eddf8230073-FRA
pragma: no-cache
server: envoy
x-timer: S1691967531.174687,VS0,VE28
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 container.html Show response
dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 84D6 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 22:58:49 GMT
expires: Mon, 12 Aug 2024 22:58:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK bqi.php
lg3.media.net/ 15 B
15 B 41ms
40ms Image
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=2081&lf=3&&vgd_tsce=L224&vgd_l2type=scs_newfl&pid=8PO52G640&vgd_cdv=1047&vgd_cage=3&katid=807890590&kals=ttype=10002||pt=1||lmid=vDef||ctr=0.002||rpc=0.358||ttd=8&kata=aton&kasts=tstype=-10408||gbid=-1&kalog=SI=3299||MI=3299||SID=8||HID=0||MPTD=128||TPTD=150457034855497602564||CI=3299||UUID=r7Fnl5w3HTjCFqlz8C||TLID=6&katen=1&pc=9&katbid=-21&cme=0ZtT1_FO9fW0yXZCevTMeinKzeuWCoQii-yHW5hjiqcaBwdZ_jUA9x6KFQfP30rGGCnekhzxiE0l9xayLHWGwysdffo3MH8k120GlPRGzsTEB5eNC63d9KxSIsYABi10yRlw3YFql8Be3LvA-rVfcHZAHxtfbKQAbpGCmKAuQfHg4m7r3QeFBxZ1ZUCBqsKR0_utBYTKlivHovP-b60kjM1T07Z90Ax10XhRaKGThBGKruohisKwmC_AKWEhKY01NQtIK6GAapCaGbelK_wyCKJChAbhHo3xxhzzfyngzxsCZ2sdIT1i1FbByS7RUSV0||KOA2tkfoPlCxJ92iUGwOAJF-FU3JoeM41kAOPvwAVOiuZCXsApE1f2sSYYCbZX8yrlGGv9WgeBAdHKNcOmzgJ46JmeLXwGZVBilfFVX1ydg=|Pjh0G0G2IrOwcgU9gOyssfaKVgAr1zTklc88w3BqyKwHRs3KN68uYkEJGQneo40xgG37oeK3Sjm8DOvF2-_viKRnJgI9ia-dwRK1jBxnRtc=|pxZi6nj8YL3czU55JHRnrSMnXCMXpIZQ3Gi1rX0v3RYpX15e4AcKeJ5VycgL9X8EBJB0nzJ5_AgiIK4BCrI4RwplvAu5DghUAl5MZjbgShnpAJqefWGmDJLzccr-xx67QSii0tA-8AMVDMG5RN_B9yPlqkjVApw0L0AKI9j3M7xeb43xOmpdiYzF9HcJhBFyip0Bog6rqcw8azqtvoIi29vsmE1uVAeNJQXZsR-3Uc3ignAANztCoGVj7h6qhc7Os7uSh9-0E6133qqUv1xl5Q==|&fp=apuRvDLAtBkB00__Cmkal3KFrsnGCYd4VsEPJ59Tez9hVFartwcufxw1ABPe-E5QVqxKxC41iJ-FD7b92UBvEhqN61p8kUQY5Uu_AN6xAIF_AfOaHQSzdXJNtLBJdR48r_m5xkcWXSPeGv5z6m_0Jg==&vgd_x_pos=1062&vgd_y_pos=402&vgd_rensize=302_250&vgd_ren_page_h=13247&vgd_lbt=200&vgd_btm=%7B%22SPAMPXL%22%3A%221%22%2C%22URLDC%22%3A%221%22%7D&gdpr=1&mspa=0&prid=8PRHGG6T9&cid=8CUG3G308&crid=726657258&requrl=https://blog.paleohacks.com/dry-vs-dehydrated-skin/mpcampaignid=10061339&vi=1691967529406387160&ugd=4&cc=DE&sc=BY&startTime=1691967529822&l1ch=1&l1hcsd=l1!Og4dd|5295&sttm=1691967529828&upk=1691967530.7685&hvsid=00001691967529828013588907522441&verid=3121199&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1691967529163581770&vgd_sc=BY&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p162514442t202308132258&vgd_pgids=1&vgd_end=1

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Sun, 13 Aug 2023 22:58:51 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 15
Expires: Sun, 13 Aug 2023 22:58:51 GMT

GET
H2 200 12e0c0bbc282de0324fc2c716af124fb.js Show response
www.gstatic.com/mysidia/ Frame 84D6 9 KB
4 KB 140ms
39ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/12e0c0bbc282de0324fc2c716af124fb.js?tag=client_fast_engine_2019

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 08:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3920
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 08:04:41 GMT

GET
H2 200 3e881cad55383437c91698a17d09f133.js Show response
www.gstatic.com/mysidia/ Frame 84D6 140 KB
51 KB 142ms
41ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3e881cad55383437c91698a17d09f133.js?tag=video_mra/web_raspberry_ms

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72bce1d8441437e210c0a053e087f0444869afedab4bba9aaa2bcd4d3419da7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52598
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 16:04:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 84D6 21 KB
1 KB 49ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 22:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 21:28:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 22:58:51 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ Frame 84D6 110 KB
33 KB 169ms
47ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

723df3c7d7a3d796cd19b2d214c09340b55cf08e08d26cdf29848731527239ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 13 Aug 2023 22:58:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32235
x-xss-protection: 0
server: sffe
etag: "e3f6ff5fb1ac62c8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 13 Aug 2023 22:58:51 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 84D6 2 KB
973 B 43ms
42ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 05:41:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 84D6 23 KB
9 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 05:41:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 84D6 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 18:53:36 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 84D6 20 KB
8 KB 140ms
40ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 07:29:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 84D6 0
0 50ms
49ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTl57fBGRDccQ9Qf_ZyUXzMYpDRN3QeA3Yh3Eg-eYmOcrejZkiAtFWqV7iVgtbWJP4aYxk0HQ4eMlaCvSYEgp_4Gep7qw
Requested by: Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 84D6 33 KB
14 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 21 B
221 B 332ms
110ms XHR
application/json 64.185.227.156
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.185.227.156 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-227-156.static.webnx.com
Software: nginx/1.25.1 /
Resource Hash: e33a708ad9d04c864fdd86f9ccfdfbbdf24c3b2585bed619367ba4c4747c4e20

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Aug 2023 22:58:51 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 21
Vary: Origin
Content-Type: application/json

GET
DATA 200
OK truncated
/ Frame 84D6 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 84D6 0
225 B 152ms
45ms Ping
image/gif 2a00:1450:400e:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lla1s6ov&c=2410795139106&slotId=1205397569553&qqid=CLPc2Zze2oADFVuI_QcdbK4JRQ&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3e881cad55383437c91698a17d09f133.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:51 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1053657336354243090/ Frame 84D6 99 KB
99 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1053657336354243090/14763004658117789537

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14569cb71a2d18408dcee2434292bb0bcfd8b78d791f01bb371d0f7e465b7c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 15:36:59 GMT
x-content-type-options: nosniff
age: 199312
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101213
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 14:12:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Aug 2024 15:36:59 GMT

GET
H/1.1 206
Partial Content videoplayback
rr3---sn-4g5e6nzl.googlevideo.com/ Frame 84D6 514 KB
514 KB 150ms
41ms Media
video/mp4 2a00:1450:4001:3c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5e6nzl.googlevideo.com/videoplayback?expire=1691996331&ei=K2DZZI6DBemy6dsPh5OawAk&ip=2a01:4a0:1338:92::9&id=07ebbef72a1ca7a5&itag=18&source=youtube&requiressl=yes&mh=nD&mm=31&mn=sn-4g5e6nzl&ms=au&mv=m&mvi=3&pl=36&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=7.082&lmt=1673961928923527&mt=1691967192&txp=6310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhALeGW9ScO8cNg-Rz7yUvrdhvt-MAV7FdJz4iNndNR7_-AiEAvD6whjTJOk1x98XmigSkwn-HhByuxO2dK9i_pOtNhE0=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgIgo21I6B9fHByqI4VvB0t3OAqHT07OurRsjhuiVv3lICIBV6IX1RzyiP_KG1_TjfNeOztSCM5gKkCuc8pJfNYToO&cpn=3089BQwRH7GaDaFO

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ce7b37027a65f40822994651c0e09e78a474cda90f8ce1cee5b4010a60d8c206

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 13 Aug 2023 22:58:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Jan 2023 13:25:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-526234/526235
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 526235
Expires: Sun, 13 Aug 2023 22:58:51 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 24C6 1 KB
1001 B 133ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50041
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 09:04:50 GMT
etag: 48472445140208031
expires: Mon, 14 Aug 2023 09:04:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 84D6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 036292f3508c4bc501229b877bf4768d898b3cdf8739f2c1baa015158126c2cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 84D6 33 KB
33 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:13:42 GMT
x-content-type-options: nosniff
age: 402309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 07:13:42 GMT

GET
H3 200 createActivityLog Show response
track.mypaleorecipe.com/api/ 8 B
611 B 586ms
586ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createActivityLog?visitor_id=156781585&activity_type_id=1&fbp=fb.1.1691967529952.1468753089&fbc=undefined&ga=GA1.2.1384739232.1691967530&client_ip_address=80.255.7.108&client_user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/115.0.5790.170%20Safari/537.36&full_url=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&utm_source=0&utm_medium=0&utm_campaign=0&utm_content=0&utm_term=0
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 96e2c81ad267e34acb307e61ebfdfd18bf9d2943cf9e83e12ec0fe8856787b29

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQj9OaD5oAZ32zWzci7L0mIaI14IwdBlTrkxoRlKkjx8nYk4IM8ZTqbFKHFlOlesF3MMhG%2FWb6h4g4BDH5OTumfFL1PdpVpEbfxck1GFYha9xV7JR4GEBtPYDFjwFAzfxF%2FhZKz23Aa8zf3diPqdXek4Ju%2FjDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 7f6490b0bd6f3608-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 84D6
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CetVOKWDZZPOjM9uQ9u8P7NymqASVvN3scMnK3KH9EIjCusGLDhABIMj9iB5glfqugrgHoAHpituaAsgBCakCqD1f4W5esj7gAgCoAwHIAwqqBLkCT9AMUkuX0nCpx6FRGxPciiy_1sR8...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226998685366935380266%22,%22debug_reporting%22:true,%22destination%22:%22https://nuubuofficial.com%22,%22event_report_window...

0
0

171ms
77ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226998685366935380266%22,%22debug_reporting%22:true,%22destination%22:%22https://nuubuofficial.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22592889193%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225111641298264867985%22}&andc=true

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6998685366935380266","debug_reporting":true,"destination":"https://nuubuofficial.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["592889193"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"5111641298264867985"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Aug 2023 22:58:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 13 Aug 2023 22:58:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6998685366935380266","debug_reporting":true,"destination":"https://nuubuofficial.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["592889193"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"5111641298264867985"}&andc=true
access-control-allow-origin: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 159ms
77ms Preflight
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CetVOKWDZZPOjM9uQ9u8P7NymqASVvN3scMnK3KH9EIjCusGLDhABIMj9iB5glfqugrgHoAHpituaAsgBCakCqD1f4W5esj7gAgCoAwHIAwqqBLkCT9AMUkuX0nCpx6FRGxPciiy_1sR8Xr_3HI_rGgn_gx6OAo6nOWt5Lhtsfk2iffAw_iv2SPU4nhjjcE1WnnOICY9XLD2k5uuHH2Bhf1jwJ9732TPJex7eXiYTrVZXCY727GeNYXoyeHJyePp3wwSN85Jcn1KxjyyddSHGL3yt_J3YwLw6yxjgsFZeTYM3NF9YiQCOFofhxMitq6hUM7uuIL6CS04m6G8YsOlSR5plY_wmNvxlWsnpXKamfaQ0nplaeWcj8ilu1KuSAoi4K4rVK1cGdNOsWYEjO53rKMleTbegsDmsyoDEoza6PNPfzJHFnAdIDV6Yr_NyrRIMF1mzNdVThpPX571tgUzPfhqvBKz9pv0n3wpp53Hk4sqWY2p550hshy0Ac59OIxoja7Fbkl9Bpf_DIUQ9jcAE087sjIME4AQBkgUECAQYAZIFBAgFGASgBi6AB__0pOUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnPRZ0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJ7gFodHRwczovL251dWJ1b2ZmaWNpYWwuY29tL2FydGljbGVzL3VuY292ZXJlZC1qYXBhbmVzZT9sPWRlJmM9ZXVyJnZuZHI9bnViZ2dnaWUmc3ViaWQzPTE0MjEwMzQxMDgwJnN1YmlkPTEzODI3MTIwNTIwMyZzdWJpZDI9NjU0NjkxODYyMzIzJnN1YmlkND0mdXRtX3NvdXJjZT1Hb29nbGUmdXRtX21lZGl1bT1DUEMmdXRtX2NhbXBhaWduPTIzdzEwX0EtQUxfcmVmbGV4b2xvZ3kmdXRtX3Rlcm09Y29tYmluZWQtaW1hZ2VzgAoByAsBogwIKgYKBMOwsQK4E5wb2BMM0BUBmBYBgBcBshceChwIABIUcHViLTUxNDQzODk2NTc3ODU1NjUYsJgV&sigh=aeNqYJbs7ro&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJW-2QB3QYgGiJjVmduTXq9yl8IR8l-x0H2hEAhq6NknYiRxKY8gUYeOl5vHQmca1v89xajS-pekhgB&template_id=3484&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 22:58:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 24C6
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEkRLUic25WPHgoQ5HBRoII&google_cver=1&google_push=AXcoOmRpmoJqqt9OjxLYJdLlm_8_Qtp98nKXs5TQH_KRgdjN4JEN_wZ_u7QI2ta3-iOcVPPb7cabct9lQOq7VdFT_SxBDIhhB_hPWdc
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzY3Njc1MDY3OTIzNTEwNTkxOQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEkRLUic25WPHgoQ5HBRoII&google_cver=1

43 B
398 B

107ms
47ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEkRLUic25WPHgoQ5HBRoII&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Aug 2023 22:58:51 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEkRLUic25WPHgoQ5HBRoII&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 24C6 0
104 B 220ms
88ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELCYemjVQlydo0nAPA333zE&google_cver=1&google_push=AXcoOmSCRS08m1_Tvc8NGX-kwdx2DJwzgPO0ruV4XFJIJraW9XoXNCEe-Ige9sJ-AHfUXh5lRw5_LTnthjl3MdwBRp7lZiyKrTg2hA
Requested by: Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:51 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 24C6
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF1ZZ2KIw6gSPNj7NBV-XRU&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF1ZZ2KIw6gSPNj7NBV-XRU&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=enlKTFk1R00xUXZrMlQ1&google_gid=CAESEF1ZZ2KIw6gSPNj7NBV-XRU&google_cver=1&google_push=AXcoOmR4WHjtbULPNj6WFXDn2uxnqo_gkz8fwi1sAdJmLrJ...

170 B
232 B

50ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=enlKTFk1R00xUXZrMlQ1&google_gid=CAESEF1ZZ2KIw6gSPNj7NBV-XRU&google_cver=1&google_push=AXcoOmR4WHjtbULPNj6WFXDn2uxnqo_gkz8fwi1sAdJmLrJmzkPyF02E7z-FutJcV67fXDgCAbOGua1OBAQIfAdYA9KcRlhlG_2zuA

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Aug 2023 22:58:50 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0310c9e42ac8c94ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=enlKTFk1R00xUXZrMlQ1&google_gid=CAESEF1ZZ2KIw6gSPNj7NBV-XRU&google_cver=1&google_push=AXcoOmR4WHjtbULPNj6WFXDn2uxnqo_gkz8fwi1sAdJmLrJmzkPyF02E7z-FutJcV67fXDgCAbOGua1OBAQIfAdYA9KcRlhlG_2zuA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 24C6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEmo-McQtMEqkgduqkyUqoI&google_push=AXcoOmRQpkGr49gpMWd8hsFBFrKiXSER5QyBJiQzrfpfwJMCy6SGErD2Ks...

170 B
232 B

50ms
49ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEmo-McQtMEqkgduqkyUqoI&google_push=AXcoOmRQpkGr49gpMWd8hsFBFrKiXSER5QyBJiQzrfpfwJMCy6SGErD2Ksrw1Sh63ISsUIAjGHainraYEwTZX3CtNiwyyL4XjCUVIEA

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220058-FRA
pragma: no-cache
date: Sun, 13 Aug 2023 22:58:51 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1691967532.779375,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEmo-McQtMEqkgduqkyUqoI&google_push=AXcoOmRQpkGr49gpMWd8hsFBFrKiXSER5QyBJiQzrfpfwJMCy6SGErD2Ksrw1Sh63ISsUIAjGHainraYEwTZX3CtNiwyyL4XjCUVIEA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 24C6
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEHFAblvfajvKSTlG_CJeMIc&google_cver=1&google_push=AXcoOmQKYQPUY1Bbjam1O1MnIuxHWCNI2wSwnsw8Kb8LVH5_9-SFM6qSvprEgFJNDxz_vjUj5nnJPgNfdhYVsVI_kJBLcN8...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHFAblvfajvKSTlG_CJeMIc&google_cver=1&google_push=AXcoOmQKYQPUY1Bbjam1O1MnIuxHWCNI2wSwnsw8Kb8LVH5_9-SFM6qSvprEgFJNDxz_vjUj5nnJPgNfdhYVsVI_kJBLc...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQKYQPUY1Bbjam1O1MnIuxHWCNI2wSwnsw8Kb8LVH5_9-SFM6qSvprEgFJNDxz_vjUj5nnJPgNfdhYVsVI_kJBLcN8uySW-Thg

170 B
232 B

50ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQKYQPUY1Bbjam1O1MnIuxHWCNI2wSwnsw8Kb8LVH5_9-SFM6qSvprEgFJNDxz_vjUj5nnJPgNfdhYVsVI_kJBLcN8uySW-Thg

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQKYQPUY1Bbjam1O1MnIuxHWCNI2wSwnsw8Kb8LVH5_9-SFM6qSvprEgFJNDxz_vjUj5nnJPgNfdhYVsVI_kJBLcN8uySW-Thg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 24C6
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJTnCM686oG0leqVA6cQTp4&google_cver=1&google_push=AXcoOmS3iMhQziJmkphbhSdPIu75g6vieaagGeCt3ceDwtSU02H_2o0BoGXyMBp9ZXUpZ70lEP9pieC7...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJTnCM686oG0leqVA6cQTp4&google_cver=1&google_push=AXcoOmS3iMhQziJmkphbhSdPIu75g6vieaagGeCt3ceDwtSU02H_2o0BoGXyMBp9ZXUpZ70lEP9...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ5NzgwMjMzODgyNzg4ODM1Mg&google_push=AXcoOmS3iMhQziJmkphbhSdPIu75g6vieaagGeCt3ceDwtSU02H_2o0BoGXyMBp9ZXUpZ70lEP9pie...

170 B
243 B

56ms
56ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ5NzgwMjMzODgyNzg4ODM1Mg&google_push=AXcoOmS3iMhQziJmkphbhSdPIu75g6vieaagGeCt3ceDwtSU02H_2o0BoGXyMBp9ZXUpZ70lEP9pieC75zYobN4Hugl74OdW1nX44A

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ5NzgwMjMzODgyNzg4ODM1Mg&google_push=AXcoOmS3iMhQziJmkphbhSdPIu75g6vieaagGeCt3ceDwtSU02H_2o0BoGXyMBp9ZXUpZ70lEP9pieC75zYobN4Hugl74OdW1nX44A
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 24C6
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPUayjK5u3Fe...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSjLSzqIhPY1GKIkAyshO2n1C_BzJ3rGIlSmc1j8YHuMDtW2lh9YLUmfI6g3YH1HaWFiag1BFtZNrxZZy-TEs0uyYQrIO6w3gwi
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

63ms
63ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Sun, 13 Aug 2023 22:58:51 GMT
pragma: no-cache
date: Sun, 13 Aug 2023 22:58:51 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 24C6 0
139 B 148ms
47ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IkL_ON3zGr0E84cNQgLYq99AFXVH0eZaRJKF7sIZMAEVnTOazTaYUNtxkPkE3OcPYyndQVvw

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 170ms
89ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308030102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96c3109f17ea7187bfedfde17eae1283ef7e753787e05966e76145af2126312e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11739
x-xss-protection: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 5566 565 B
400 B 68ms
68ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.04e94784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sun, 13 Aug 2023 22:58:51 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1487338437810424

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 54ms
53ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1103799269&rv=3890&u=AAAAAAAIAAAAACAAAAAAAAg&ut=AgCA&h=Ag&cid=137939032&l=137939032.EC2.TC0.HTC0~*~*~GA795.802

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:51 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 63ms
63ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=2146103170&rv=3890&u=AAAAAAAIAAAAACAAAAAAAAg&ut=AgCA&h=Ag&cid=G-RWB4GYKC4G&l=G-RWB4GYKC4G.L3310.S74.E1591.EC5.TC33.HTC0~gtm.init.S0.V0.E109.TS5ogtgasend.TI16.TE1.TS5ogtreferralexclusion.TI18.TE0.TS5ogtsessiontimeout.TI19.TE0.TS5ogt1pdatav2.TI20.TE0.TS5ccdgalast.TI21.TE0.TS5ccdautoredact.TI22.TE0.TS5ogteventcreate.TI23.TE0.TS5ogteventcreate.TI24.TE0.TS5ogteventcreate.TI25.TE0.TS5ogteventcreate.TI26.TE0.TS5ogteventcreate.TI27.TE0.TS5ogteventcreate.TI28.TE0.TS5ogteventcreate.TI29.TE0.TS5ogteventcreate.TI30.TE0.TS5ogteventcreate.TI31.TE0.TS5ogteventcreate.TI32.TE0.TS5ogteventcreate.TI33.TE0.TS5ogteventcreate.TI34.TE0.TS5ogteventcreate.TI35.TE0.TS5ogteventcreate.TI36.TE0.TS5ogteventcreate.TI37.TE0.TS5ogteventcreate.TI38.TE0.TS5ogteventcreate.TI39.TE0.TS5ogteventcreate.TI40.TE0.TS5ogteventcreate.TI41.TE0.TS5ccdconversionmarking.TI42.TE0.TS5ccdemsitesearch.TI43.TE0.TS5ccdgaregscope.TI44.TE0.TS5ogtgooglesignals.TI45.TE0.TS5ogtgagamlink.TI46.TE0.TS5setproductsettings.TI47.TE0.TS5ccdgafirst.TI48.TE0~gtm.js.S0.V0.E95.TS5gct.TI13.TE0~gtm.dom.S0.V0.E66~gtm.load.S0.V0.E0~gtm.init_consent.S1.V0.E81

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:51 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Popup-Dec2017-Skin_care_guide.jpg
blog.paleohacks.com/wp-content/uploads/2018/01/ 110 KB
110 KB 387ms
386ms Image
image/jpeg 2606:4700:10::6816:12c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/01/Popup-Dec2017-Skin_care_guide.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:12c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4627a47f289fd2cc6035d7ceee7f885f6daeaf1ded69378f8283d27ec5712169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Aug 2023 22:58:52 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Nov 2019 01:10:42 GMT
server: cloudflare
etag: "5dc76392-1b6b1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7f6490b1cfb23a74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 112305
expires: Tue, 12 Sep 2023 22:58:51 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 182ms
74ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 22:58:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Aug 2023 22:58:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D584 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 22:30:42 GMT
expires: Mon, 12 Aug 2024 22:30:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D624 831 B
556 B 49ms
48ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

842c4861ef314ec1b74018e5cf21c3844d7a73e2ab77ccf118abbaba0e6b1535

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jR2NKv_n4mibT_t5ThQA4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 534
content-security-policy: script-src 'report-sample' 'nonce-jR2NKv_n4mibT_t5ThQA4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 22:58:52 GMT
expires: Sun, 13 Aug 2023 22:58:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame D584 37 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 146611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 06:15:21 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D624 0
0 72ms
72ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308030102&jk=2789975722667140&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D584 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?t8Cb0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 createUrlParam Show response
track.mypaleorecipe.com/api/ 8 B
674 B 236ms
235ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createUrlParam?url_param_key=mpcampaignid&url_param_value=10061339&activity_id=27819505
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 2e3f35ef16137f3f87cd0cc493c1f4af4d7d757a3bb28601525d87c6520b899c

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYEtwcX1DooKTkqQHN9xpU1og9NsC%2BOA9JBT1%2BqyflfUWdCB12HZo90sU4gs54N0CwxRd%2FcDOAAvsF%2FCB2gFMQ0EnRsdjImYouf4plFWho8JyavhvFp7xcaxJV3d07Qr3oNzDnbb0y7xKkUmjL3DqSCJCUBS1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 7f6490b468ad3608-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 4B43 222 KB
61 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:12 GMT
age: 392320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:12 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 4B43 15 KB
5 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:11 GMT
age: 392321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 4B43 94 KB
28 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 12 Aug 2023 03:23:10 GMT
age: 156942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Aug 2024 03:23:10 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 4B43 5 KB
2 KB 97ms
96ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:11 GMT
age: 392321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 4B43 40 KB
13 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:12 GMT
age: 392320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4B43 14 KB
1 KB 52ms
52ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 22:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 21:24:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 22:58:52 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 6662 222 KB
61 KB 91ms
89ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:12 GMT
age: 392320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:12 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 6662 15 KB
5 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:11 GMT
age: 392321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 6662 94 KB
28 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 12 Aug 2023 03:23:10 GMT
age: 156942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Aug 2024 03:23:10 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 6662 5 KB
2 KB 112ms
111ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:11 GMT
age: 392321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 6662 40 KB
13 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:12 GMT
age: 392320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6662 14 KB
1 KB 51ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 22:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 21:39:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 22:58:52 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame E1FE 222 KB
61 KB 106ms
105ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:12 GMT
age: 392320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:12 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame E1FE 15 KB
5 KB 120ms
119ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:11 GMT
age: 392321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame E1FE 94 KB
28 KB 121ms
120ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 12 Aug 2023 03:23:10 GMT
age: 156942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Aug 2024 03:23:10 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame E1FE 5 KB
2 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:11 GMT
age: 392321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:11 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame E1FE 40 KB
13 KB 127ms
126ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 10:00:12 GMT
age: 392320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 08 Aug 2024 10:00:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E1FE 4 KB
655 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 22:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 21:36:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 22:58:52 GMT

GET
H3 200 container.html Show response
dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8BC6 6 KB
3 KB 42ms
40ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 22:58:49 GMT
expires: Mon, 12 Aug 2024 22:58:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4B43 2 KB
2 KB 43ms
42ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 23:35:53 GMT
x-content-type-options: nosniff
server: cafe
age: 84179
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Sun, 13 Aug 2023 23:35:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4B43 295 B
319 B 44ms
43ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 27453
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Aug 2023 15:21:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4B43 0
0 57ms
55ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLwgj519knegHHK2D7kmHydLZCjvCOmbPhXkfZrjf675sMGG8FHWMIK4QXFx6Qxyo_FsqVmyZQvIaBPYoV7sfi4vrMeQ
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6662 2 KB
2 KB 43ms
41ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 04:40:07 GMT
x-content-type-options: nosniff
server: cafe
age: 65925
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Aug 2023 04:40:07 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6662 295 B
319 B 44ms
43ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 27453
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Aug 2023 15:21:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6662 0
0 58ms
56ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzGx1Uj2b2K_VWbCVMakg78aDUOOIl8-SZl6cu2FPVyfbtcTyI-tnfQ9FE9HSQa402wbl3-4ehqhsN_JSJ3MRbbdVCPg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E1FE 2 KB
2 KB 43ms
42ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 04:40:07 GMT
x-content-type-options: nosniff
server: cafe
age: 65925
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Aug 2023 04:40:07 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E1FE 295 B
319 B 44ms
43ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 27453
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Aug 2023 15:21:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E1FE 0
0 58ms
57ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwIADsV5BRx7aMTU1nzOY64l_d4XS87qGDn2ryDte50NDZbLMDibJgzo--nAJF0aIqGePLf6i80XLNaKEhoJh8UTnfNw
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 4B43 136 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6878b4c04dcb447d6b39de2d0ebca089e6c3d8196af59c6aea6269b9b0996bee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4B43 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9869bf7378443c517c75368aa8b6fa24787dc1d3b3a355daa7d2924564e9c320

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14850704073889119776/ Frame 6662 40 KB
40 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14850704073889119776/14763004658117789537?w=600&h=314

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4058e4f15caa39107c8f7e3de5c6779041c7b17a213d82c5c9743410e0484ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 11:02:14 GMT
x-content-type-options: nosniff
age: 215798
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40962
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 06:42:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Aug 2024 11:02:14 GMT

GET
DATA 200
OK truncated
/ Frame 6662 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6662 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6662 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a200068a281e0b98ad769df929a429a1fa5f940535f041ed511ab4944dbfc80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10220976235389914201/ Frame E1FE 33 KB
33 KB 43ms
43ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10220976235389914201/14763004658117789537?w=600&h=314

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a626eea4812f44a7c5a81cb5390d4183fb2985c9572de359d49fe77d02d7f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 09:10:25 GMT
x-content-type-options: nosniff
age: 222507
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33609
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 06:49:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Aug 2024 09:10:25 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11845074295767615406/ Frame E1FE 927 B
954 B 47ms
46ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11845074295767615406/14763004658117789537?w=100&h=100

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7582de85ba13e92e3e34c23ed002b60023d07f897c670f1967e7663b7cc3d875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 09:40:50 GMT
x-content-type-options: nosniff
age: 220682
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 03:40:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Aug 2024 09:40:50 GMT

GET
DATA 200
OK truncated
/ Frame E1FE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dce9289b62262c4542d4d2528e4f512fc950e1f0cc0571cddf830647113bf5a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4B43 33 KB
33 KB 46ms
43ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:13:42 GMT
x-content-type-options: nosniff
age: 402310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 07:13:42 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6662 33 KB
33 KB 45ms
44ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:13:42 GMT
x-content-type-options: nosniff
age: 402310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 07:13:42 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E1FE 16 KB
16 KB 72ms
71ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 451958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Aug 2024 17:26:14 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E1FE 15 KB
15 KB 90ms
89ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 348636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 22:08:16 GMT

GET
H3 200 12e0c0bbc282de0324fc2c716af124fb.js Show response
www.gstatic.com/mysidia/ Frame 8BC6 9 KB
4 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/12e0c0bbc282de0324fc2c716af124fb.js?tag=client_fast_engine_2019

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 08:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3920
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 08:04:41 GMT

GET
H3 200 3e881cad55383437c91698a17d09f133.js Show response
www.gstatic.com/mysidia/ Frame 8BC6 140 KB
51 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3e881cad55383437c91698a17d09f133.js?tag=video_mra/web_raspberry_ms_cta_adjustment

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72bce1d8441437e210c0a053e087f0444869afedab4bba9aaa2bcd4d3419da7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52598
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 08:48:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8BC6 21 KB
1 KB 56ms
55ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 22:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 21:42:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 22:58:52 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ Frame 8BC6 110 KB
32 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

723df3c7d7a3d796cd19b2d214c09340b55cf08e08d26cdf29848731527239ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 13 Aug 2023 22:58:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32235
x-xss-protection: 0
server: sffe
etag: "e3f6ff5fb1ac62c8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 13 Aug 2023 22:58:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 8BC6 2 KB
894 B 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 05:41:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 8BC6 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 05:41:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 8BC6 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 18:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 18:53:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 8BC6 20 KB
8 KB 46ms
42ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 07:29:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8BC6 0
0 49ms
47ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTh7o9ZG8A_4oeL0xl7L4QoWS-CN2uG9HyZQZWDByED8phOb5qOhhQVU_d5gDhrQymrCY3Oz8bveNrqfwWxy74yRP8cpg
Requested by: Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 8BC6 33 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 09:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 09:59:38 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4B43
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

48ms
47ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

date: Sun, 13 Aug 2023 22:58:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E1FE 2 KB
2 KB 40ms
40ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 04:40:07 GMT
x-content-type-options: nosniff
server: cafe
age: 65925
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Aug 2023 04:40:07 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E1FE 295 B
319 B 40ms
39ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 27453
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Aug 2023 15:21:19 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8BC6 0
54 B 47ms
45ms Ping
image/gif 2a00:1450:400e:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lla1s7p3&c=7415283400779&slotId=3707641700389.5&qqid=CIT7pp3e2oADFevRuwgdPGEJLQ&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3e881cad55383437c91698a17d09f133.js?tag=video_mra/web_raspberry_ms_cta_adjustment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11845074295767615406/ Frame 8BC6 927 B
954 B 39ms
39ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11845074295767615406/14763004658117789537?w=100&h=100

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7582de85ba13e92e3e34c23ed002b60023d07f897c670f1967e7663b7cc3d875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 09:40:50 GMT
x-content-type-options: nosniff
age: 220682
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 03:40:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Aug 2024 09:40:50 GMT

GET
DATA 200
OK truncated
/ Frame 8BC6 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10220976235389914201/ Frame 8BC6 108 KB
108 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10220976235389914201/14763004658117789537

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41217485eabe11079f62262cd7efb86ef5c2fe2886f9fc34e6cf433732206863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 01:50:07 GMT
x-content-type-options: nosniff
age: 162525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111018
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 06:49:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Aug 2024 01:50:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308030102&jk=2789975722667140&bg=!EBOlE0fNAAaiGN5Pghg7ADkAdvg8WuBmCsk_ZVn9zORX2s6ihaBNopKGfjGsRfjCGy8zZmZ9iNc9twCP-UaikABnFx9KvBo8bcQCAAAAY1IAAAAHaAEHmQLNRPWUxGcYSUUb7HU--zbBjEH1DwM4kNJr9v31DsJiq_Pd3t92-LtDIzyyIqjeSdPLWDBPwjjT5XOl4Qnso8V9ZXz1kcxFZmqj7MauWL9Ao9tZ3bDoECdGfY0rv5H5WQh9o1BL867FP5GOiRqGTs9qHwC_JK2ZqPMdbTn80iVqGpiRXT4lFEc4g1VjekrGXbzyWVkDo1LmWCq5_FI-ZRGsHoo-Vv7cDz_EfxK-bBx-Qxiv6C4RtiigEHxK195gfJmn5pfoo8Wr-aRRe163eCWsDsv9SHGRkgfSDM04sqvtV-x6QFiRv_kqaYN6FsWbo81gYpzroQljo8y0xz6aWetmN1OQMjCGGvuk4ZiSpfKuilzKnjFfpI4qubveJaGJoZJSWf52KJhCE7bBpwGbHyfYY0qqq4zQPfLXmcWkHnMSDC3nepODEX8Ca7dm9TU1ibI558WpRy5jG0yrdqekJIn6g93koxjrPEPbDZ_QXvQT9eGkADvyfkLfi1zNc44vzRSLZafsDT2a4QMON8K6ksnsR65CUu8NOn1qJVVeU7H1y7wfrjVkmYrx-7gdldJrCJOBOzJYD8pAy9rXQ0O22v1zLsEsBQBSCbf6oS56QahgjcvY1npY3F6SWCvsfnFRrf1laV1bt-oV5DdpkFHBpRkpi3jzihZBrhj5DXEH4g8GPv2q0FJvEhyxDQhkRmJaRXlTTSLVOo2eq22bWo1B_u8qHp7ZU4merSCBnUfErxX073MsKJen66kjeay21n8cKKFGzgCVgCs3xyqTdaPewlRWyymN8Nve2e9EL9Zc9FuHWAiwtoX1DbzQNdcWU-MG68vugK7TtvpwJaRUXrmgbAoQXTgFrXEvaS6ICKdpAbdpkEWRF78N0fs30L3PpXNQliDVktT4iYcAlyHvwzrYd46rrL-N_W20x2ntOaKEzxwqEx2BvEa546uUeSlR5RW7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3

206

videoplayback
r4---sn-4g5edndz.gvt1.com/ Frame 8BC6
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=a393081ecb024f96&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1691974732&sparams=ip,ipbits,expire,id,...
https://r4---sn-4g5edndz.gvt1.com/videoplayback?id=a393081ecb024f96&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1691974732&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

789 KB
789 KB

276ms
189ms

Media
video/mp4

2a00:1450:4001:1a::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5edndz.gvt1.com/videoplayback?id=a393081ecb024f96&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1691974732&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=31B63502AF8634EFBDD7388325EEDF1A88E609D0.3E5B5AE9927A12BDB58D24E210093D41A356F43A&key=cms1&cms_redirect=yes&mh=ju&mip=2a01:4a0:1338:92::9&mm=28&mn=sn-4g5edndz&ms=nvh&mt=1691967148&mv=u&mvi=4&pl=36

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:1a::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cfe1f77b12ef6f3b2459d4e59c87f7aee1747943d643b1e1f132be26de5f8bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

client-protocol: quic
date: Sun, 13 Aug 2023 22:58:53 GMT
x-content-type-options: nosniff
last-modified: Sat, 29 Jul 2023 12:56:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-807895/807896
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 807896
expires: Sun, 13 Aug 2023 22:58:53 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:53 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-4g5edndz.gvt1.com/videoplayback?id=a393081ecb024f96&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1691974732&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=31B63502AF8634EFBDD7388325EEDF1A88E609D0.3E5B5AE9927A12BDB58D24E210093D41A356F43A&key=cms1&cms_redirect=yes&mh=ju&mip=2a01:4a0:1338:92::9&mm=28&mn=sn-4g5edndz&ms=nvh&mt=1691967148&mv=u&mvi=4&pl=36
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 706
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7602 1 KB
643 B 44ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50042
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 09:04:50 GMT
etag: 48472445140208031
expires: Mon, 14 Aug 2023 09:04:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 84D6 0
45 B 45ms
44ms Ping
image/gif 2a00:1450:400e:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lla1s6p7&c=2410795139106&slotId=1205397569553&qqid=CLPc2Zze2oADFVuI_QcdbK4JRQ&umsem=0&ape=1&ple=1&met.4=vil.lla1s6vf~vfl.lla1s6yc
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3e881cad55383437c91698a17d09f133.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8BC6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1c567bb011dd03e0f82ca59e8587304f837fb21213d08f767d7d134da7e5b70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4B43 0
0 85ms
85ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cr6lCK2DZZMG5Buuj7_UPvMKl6ALPwML7cZi3oafAEWQQASDI_YgeYJX6roK4B6ABo-yixwPIAQGpAqg9X-FuXrI-4AIAqAMByAMKqgSoAk_Qx2IR38vY2xMqzyV4qi_EsFmEkE9S2vcqghTVnzD2aCIy88kJuSL7-2dmm4Is9iU9_dzuChySnF4u8o129xn2kQVv3WWK_6X9FN-i7BEUlzFyPCsppQOcZzsw-p1CYGB1MVh0yLUrlU4xQngKakNilGteHBtBcLP5Ts4HCY3U70Q2iI6DUBvVEaNiUlJZUbPnGJQrdFXnzk-Dth7vi-v8ve3IIYTTkGZnFhTbEr8U07rkUfSXg-dQnop81E40-FGrI8dIOdwFxAUQmueJpQc1nnVL1PT4V1r16hAwjq4cLdRA3rSQWWPut32LU_R-YTgn0U0QIBNPljpJMbl9g67zErJgFAMYts3Axe8GS5Uej6-NG-a2_QRehRhIwJiqIEqKivu8BPqPwASA9LbOkATgBAGSBQQIBBgBkgUECAUYBIAHxZPdOKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEN7da9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCShodHRwczovL3d3dy5rYWJzLmRlL2FrdGlvbi9zdW1tZXItc2FsZS9hgAoByAsBogwIKgYKBMOwsQLYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItNTE0NDM4OTY1Nzc4NTU2NRiwmBU&sigh=6TMW--QtxLI&uach_m=[]&ase=2&cid=CAQSPABpAlJWOvE1-Y5OSOOpzLG7UEpQb0KAF0C2E6Vs7AhnQQimFYZbSYGfSjtRHkbYf4kuN5Sh8XlWFK0lzhgB&cbvp=2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/dry-vs-dehydrated-skin/?mpcampaignid=10061339
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 74ms
74ms Preflight
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C-S7bK2DZZMS5Buuj7_UPvMKl6ALPwML7ccC8oafAEf6C0ryNDhABIMj9iB5glfqugrgHoAGj7KLHA8gBCakCqD1f4W5esj7gAgCoAwHIAwqqBLoCT9Aowax1DcGE27sf3U9mXiQdHf9DCMzvLHJrg-nI85ThcOHraZlQqVJ-Zjl1t-UtJtFXkV1NQOxQtSWEtNWARuf8rxXF6p9B9_TPeUBmCmqHdoe5XH8SReNk_1vBWYUDpgMb66EDy3IP4pEXzs2keGSHz85ISHDvwndPbsg9uewDg27qv8x2c6TYInUDZ5bbwYbvQw-QL70jMlVrdfubtpr2jeoMSIX9O9uC1cPQIDu5ZohXlah1wD_fSOH8vZiyMh0di9IHJWzj37CbsqNZUWo9fYqKUNzcvTRkbLV4l_XKoVupzy980hhvZpKuFu_4W1eiMdop2q8fU1zfhUh0d6Qj3D3QOYvD50Xr74jNS50TyZPG9B_EATZiUJIIVdmHzkCQ9o1YCdymdi9p7S5HecuU34Hktu8hR7XABJaIwK2UBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfFk904qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3oYx0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJKGh0dHBzOi8vd3d3LmthYnMuZGUvYWt0aW9uL3N1bW1lci1zYWxlL2GACgHICwGiDAgqBgoEw7CxArgTnBvYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItNTE0NDM4OTY1Nzc4NTU2NRiwmBU&sigh=BJrBgTPDrrk&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWOvE1-Y5OSOOpzLG7UEpQb0KAF0C2E6Vs7AhnQQimFYZbSYGfSjtRHkbYf4kuN5Sh8XlWFK0lzhgB&template_id=3484&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 22:58:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8BC6
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C-S7bK2DZZMS5Buuj7_UPvMKl6ALPwML7ccC8oafAEf6C0ryNDhABIMj9iB5glfqugrgHoAGj7KLHA8gBCakCqD1f4W5esj7gAgCoAwHIAwqqBLoCT9Aowax1DcGE27sf3U9mXiQdHf9D...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229922138169422423864%22,%22debug_reporting%22:true,%22destination%22:%22https://kabs.de%22,%22event_report_window%22:%22259...

0
0

78ms
78ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229922138169422423864%22,%22debug_reporting%22:true,%22destination%22:%22https://kabs.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22954775075%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221693098600457203745%22}&andc=true

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9922138169422423864","debug_reporting":true,"destination":"https://kabs.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["954775075"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"1693098600457203745"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Aug 2023 22:58:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 13 Aug 2023 22:58:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9922138169422423864","debug_reporting":true,"destination":"https://kabs.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["954775075"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"1693098600457203745"}&andc=true
access-control-allow-origin: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6662 0
0 89ms
89ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHQOBK2DZZMK5Buuj7_UPvMKl6ALPwML7cZi3oafAEWQQASDI_YgeYJX6roK4B6ABo-yixwPIAQmpAqg9X-FuXrI-4AIAqAMByAMKqgStAk_Qris125yDNJ5IFsOFnR15uHJXacL6SIYZYA2BjwTzy6EPtETd2L7TY89kbuMUB7OiYL68mZDTT2nd4SrW2t-sfYM3CyHN4OD4px-S2tYiSpJOyvNt2xV_twMAH0scCKkt_yoJBG0xtSe-n07UNqisJ0Kie-JJl70OEIj9hWHETbklliayME1yxm6-TbD9kKwx7i3WjY4NYy3aNJsfsHgvKAbD7LboGaIVjiYxGQjlzeJaJqKmTzqVLioMamgfkfp0vy6TtTwWPc6TIKH7cCV_a3FZLWhmgVYPPcx9CW_ZBNDXTMQqueETDLOY6dxBctVyQKa89eHdFn7N1s1o4Q8rIPG-1f9w1tHjnibXQLMFjClZidVWSRrofUF5lbHr8h9A-hTRr3UW6W9cfyXABID0ts6QBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfFk904qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQ-4qIAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCShodHRwczovL3d3dy5rYWJzLmRlL2FrdGlvbi9zdW1tZXItc2FsZS9hgAoByAsBogwIKgYKBMOwsQLYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItNTE0NDM4OTY1Nzc4NTU2NRiwmBU&sigh=0_ela7lnV_Y&uach_m=[]&ase=2&cid=CAQSPABpAlJWOvE1-Y5OSOOpzLG7UEpQb0KAF0C2E6Vs7AhnQQimFYZbSYGfSjtRHkbYf4kuN5Sh8XlWFK0lzhgB&template_id=5000&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E1FE 0
0 82ms
82ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7HLZK2DZZMO5Buuj7_UPvMKl6ALPwML7ccC8oafAEf6C0ryNDhABIMj9iB5glfqugrgHoAGj7KLHA8gBCakCqD1f4W5esj7gAgCoAwHIAwqqBLACT9DAj4-sQtycW_Ntib5rTX-PdtYJJZD-PuuVFKgoNcYlIcaPrxcP1cOa5tyuyX6Z6s_0F55N6jX9jH8bLjRTuEp7-Q1jmkaSMNjmFipIAWJNfNDYz32d1Z_kRLl7eE35y9vIrgvbsnXw-vgxIRLBP361vA2Vsksyaz4nSFft6ieM14EvzIHaJg53C316b2tkOAzlW2DFDqS3lJmuYJvzsQlg7zTz3Q2gFwiCjgTqP0q1RnoylLlh8hrPkl0bN1jaADm16IYBIWfnkdfJTKFmpFHLGY3B0b-HldW1trsCiKsICU_Ta_LVC8acDHBthBiltjehOe1XvkFsT39xt8paM8aOXQq32vXylbxC7tTmnjFvvHMZkVm4cHXb-KnsK63OYU_z3BG84pKyAd_RBK5IgMAElojArZQE4AQBkgUECAQYAZIFBAgFGASgBi6AB8WT3TioB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCVw1PSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgkoaHR0cHM6Ly93d3cua2Ficy5kZS9ha3Rpb24vc3VtbWVyLXNhbGUvYYAKAcgLAaIMCCoGCgTDsLECuBPkA9gTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi01MTQ0Mzg5NjU3Nzg1NTY1GLCYFQ&sigh=qYRhIHGw6k8&uach_m=[]&ase=2&cid=CAQSPABpAlJWOvE1-Y5OSOOpzLG7UEpQb0KAF0C2E6Vs7AhnQQimFYZbSYGfSjtRHkbYf4kuN5Sh8XlWFK0lzhgB&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8BC6 33 KB
33 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:13:42 GMT
x-content-type-options: nosniff
age: 402310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 07:13:42 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7602
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMEyxrWlp4anIfmjPNkSMM4&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=enlKTFk1R00xUXZrMlQ1&google_gid=CAESEMEyxrWlp4anIfmjPNkSMM4&google_cver=1&google_push=AXcoOmS3FDMbDLY78ojHM4eUv5cwL259DmHnEUOA6e7wMcV...

170 B
188 B

51ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=enlKTFk1R00xUXZrMlQ1&google_gid=CAESEMEyxrWlp4anIfmjPNkSMM4&google_cver=1&google_push=AXcoOmS3FDMbDLY78ojHM4eUv5cwL259DmHnEUOA6e7wMcVE2J87n9-7SZ-OMkdIVo93G34NqArRBRIm9wBlklsirWRiWDgWciOKqTY

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Aug 2023 22:58:52 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0310c9e42ac8c94ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=enlKTFk1R00xUXZrMlQ1&google_gid=CAESEMEyxrWlp4anIfmjPNkSMM4&google_cver=1&google_push=AXcoOmS3FDMbDLY78ojHM4eUv5cwL259DmHnEUOA6e7wMcVE2J87n9-7SZ-OMkdIVo93G34NqArRBRIm9wBlklsirWRiWDgWciOKqTY
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7602
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOAo0zOeRG8oA_YIKfygj2s&google_cver=1&google_push=AXcoOmQD1yOeJuUXqOioPpkq9dc5VI6yA0NNVcUrMq3yEwhQX-XDuodPhCxMiAdy2zUbWFQUxvYXpdHxMjLV5hKZ...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQD1yOeJuUXqOioPpkq9dc5VI6yA0NNVcUrMq3yEwhQX-XDuodPhCxMiAdy2zUbWFQUxvYXpdHxMjLV5hKZEPxwq8-P6svB55g

170 B
188 B

50ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQD1yOeJuUXqOioPpkq9dc5VI6yA0NNVcUrMq3yEwhQX-XDuodPhCxMiAdy2zUbWFQUxvYXpdHxMjLV5hKZEPxwq8-P6svB55g

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 13 Aug 2023 22:58:53 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x13 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQD1yOeJuUXqOioPpkq9dc5VI6yA0NNVcUrMq3yEwhQX-XDuodPhCxMiAdy2zUbWFQUxvYXpdHxMjLV5hKZEPxwq8-P6svB55g
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 13 Aug 2023 22:58:52 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 7602 0
173 B 135ms
47ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEO1Q46KhvPOsfRjQE-tq4Og&google_cver=1&google_push=AXcoOmSMY2cfrpmBFB1ATf5SsO--Mt7doaIuTTr5L7M31WPullqggtLfazpQ-qwgPFkMRAv6QJoMVLCyj-t-8XVYSV29ukfuqF3Pb3A
Requested by: Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7602
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBAGCENmqG-FlAzlc0TSMlc&google_cver=1&google_push=AXcoOmRpJ_s6OzEOfmaUEu3mlmQUIZrs4bzC3gpc-PMta_GwNOQ0rjn6xEGKAQ2QbU_E1xMPO95Mo05Au-VqG8CsugDFn6D...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRpJ_s6OzEOfmaUEu3mlmQUIZrs4bzC3gpc-PMta_GwNOQ0rjn6xEGKAQ2QbU_E1xMPO95Mo05Au-VqG8CsugDFn6DA9B6k1KY&google_hm=eS1qYjdMZktKRTJwRXB...

170 B
188 B

49ms
49ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRpJ_s6OzEOfmaUEu3mlmQUIZrs4bzC3gpc-PMta_GwNOQ0rjn6xEGKAQ2QbU_E1xMPO95Mo05Au-VqG8CsugDFn6DA9B6k1KY&google_hm=eS1qYjdMZktKRTJwRXB0Zjlna1poekFSemozNDVDUXhrRX5B

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 13 Aug 2023 22:58:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRpJ_s6OzEOfmaUEu3mlmQUIZrs4bzC3gpc-PMta_GwNOQ0rjn6xEGKAQ2QbU_E1xMPO95Mo05Au-VqG8CsugDFn6DA9B6k1KY&google_hm=eS1qYjdMZktKRTJwRXB0Zjlna1poekFSemozNDVDUXhrRX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7602
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEA45VOn4SeqTnFD-TwUi_n0&google_cver=1&google_push=AXcoOmQS-VhcyDr67SA7T4n-yQ2OC5j5qpZYPDs1ILOlm2xfO91AE-s4cpCBKt-3ny6-lpImHrDKXC-CLJnZaqM6UIcsPLx...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQS-VhcyDr67SA7T4n-yQ2OC5j5qpZYPDs1ILOlm2xfO91AE-s4cpCBKt-3ny6-lpImHrDKXC-CLJnZaqM6UIcsPLxg8eQ7aMI

170 B
188 B

49ms
49ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQS-VhcyDr67SA7T4n-yQ2OC5j5qpZYPDs1ILOlm2xfO91AE-s4cpCBKt-3ny6-lpImHrDKXC-CLJnZaqM6UIcsPLxg8eQ7aMI

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQS-VhcyDr67SA7T4n-yQ2OC5j5qpZYPDs1ILOlm2xfO91AE-s4cpCBKt-3ny6-lpImHrDKXC-CLJnZaqM6UIcsPLxg8eQ7aMI
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 7602 43 B
363 B 148ms
42ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT3KoAoNyVTLLBaVUqzLfR0KXvCykODaNSdhM_Bd5WzSwOfjzsKVb621tpPd8E9ug9xxE97tXxWtQ2tHO5pMUa-3fKMyD3C5g&google_gid=CAESENU5RGxjQd_q5CUBLPQEI0A&google_cver=1

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:52 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 228068
expires: Sun, 13 Aug 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 7602
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGTiGeaTGIi-...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRxqWfo5vJGCoZ9chk3HejRmlEUnp7aD7mPInt2a32df5MKga2S2YPhgsZhR_SV7OG0Qks5JAGNyQ6BqKdHd_NNiycXddSZtKuL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

64ms
64ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Sun, 13 Aug 2023 22:58:53 GMT
pragma: no-cache
date: Sun, 13 Aug 2023 22:58:53 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7602 0
12 B 47ms
47ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IBvSRyhkTc9-vbqXemBYVNHWcWqPiQiE5mRXrzCJzqAsCOD_sAUEX9lE6W78j20KFq-oNVzQ

Requested by

Host: dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
URL: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:58:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 74ms
74ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 22:58:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4B43 42 B
64 B 128ms
127ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdtvMmxjDFE-66_MECkGjDCSZgBmOjSHF8AYToUIjiH0wD9BKHJ8hPDjkDu8TvA9iKrtiImPA0DQcFzadU7Zu2SYw85FpTMypZn_MI7WIT2JJetkjlu6CbhkjBW60XdE6ex4_fbivPBJ8UZL91Z67rnXAnTSpughUlcZr89Qc&sai=AMfl-YTk6Fc4PGsJZ-oBirRlw71k-q9IawlWpRcuJttFX9I5YVgzdHI50i7-DxC7Kbk4qewKeODkDwVMHw8Wm-qxRbCutw0RYF9vQDWmJU6YWZUmMjnq86fcmzF852yw&sig=Cg0ArKJSzMWm3Vk-YHpJEAE&cid=CAQSPABpAlJWOvE1-Y5OSOOpzLG7UEpQb0KAF0C2E6Vs7AhnQQimFYZbSYGfSjtRHkbYf4kuN5Sh8XlWFK0lzhgB&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=357&tls=1357&g=100&h=100&tt=1357&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6662 42 B
64 B 95ms
94ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdb0C4JYM3gSIb7GH5LfY0_s6aV7wdBir3lY84fB_8qcnKB6rUHul2AnrQLrq7g3K9lJeC-aqotlmsvy4t1dv8x2QkMZ27VTSC2JI7RGdTzYqR-jhYAIaMISAnIx54qv7RNeK74aXKGBC5M9PWXuIQX1fr1vVLnfet2NyanTw&sai=AMfl-YTKkUI5ZgfpGiXPs8J6X9l3DEtcyBoRQsDWeaJlvIBnl2o_88Hgm8-iRifLbrzzqRHsiqFXy0c-aW0ubjp11cKdrRDs2aOkFKuw4THOGSR1W6n0UUPta-VBoiVw&sig=Cg0ArKJSzPND_BkjvImGEAE&cid=CAQSPABpAlJWOvE1-Y5OSOOpzLG7UEpQb0KAF0C2E6Vs7AhnQQimFYZbSYGfSjtRHkbYf4kuN5Sh8XlWFK0lzhgB&id=ampim&o=315,341&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=375&tls=1376&g=100&h=100&tt=1376&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 8BC6 0
17 B 45ms
45ms Ping
image/gif 2a00:1450:400e:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lla1s7pc&c=7415283400779&slotId=3707641700389.5&qqid=CIT7pp3e2oADFevRuwgdPGEJLQ&umsem=0&ape=1&ple=1&met.4=vil.lla1s887~vfl.lla1s8cx
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3e881cad55383437c91698a17d09f133.js?tag=video_mra/web_raspberry_ms_cta_adjustment
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400e:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
373 B 157ms
65ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1691967534802

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Sun, 13 Aug 2023 22:58:54 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 46ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RWB4GYKC4G&_ono=1&gtm=45je3890&_p=1298519277&ul=en-us&sr=1600x1200&cid=1384739232.1691967530&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=2&dl=https%3A%2F%2Fblog.paleohacks.com%2Fdry-vs-dehydrated-skin%2F%3Fmpcampaignid%3D10061339&dt=Dry%20Vs.%20Dehydrated%20Skin%3A%20The%20Difference%20%26%20Treatments&sid=1691967530&sct=1&seg=0&en=show&_ee=1&ep.event_category=leadbox&ep.event_label=Skin%20Care%20Lead%20Magnet&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWB4GYKC4G&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 22:58:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.paleohacks.com/dry-vs-dehydrated-skin	1969-12-31 23:59:59	Name: phvid Value: 156781585
links.paleohacks-mailing.com/	1970-01-20 14:00:10	Name: _session_id Value: 2d0b83e54e0a0d34b4e364329a7e0cf9
.paleohacks.com/	1970-01-20 23:35:27	Name: _ga_QMKQQWEFHC Value: GS1.1.1691967529.1.0.1691967529.60.0.0
.paleohacks.com/	1970-01-20 22:45:03	Name: mp_094f94d6c32bfa82583bca2dbfc9eb1a_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A189f11fa34bebe-0fc80dfe5578ff-6e3e5154-1d4c00-189f11fa34bebe%22%2C%22%24device_id%22%3A%20%22189f11fa34bebe-0fc80dfe5578ff-6e3e5154-1d4c00-189f11fa34bebe%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.paleohacks.com/	1970-01-20 23:35:27	Name: _ga Value: GA1.2.1384739232.1691967530
.paleohacks.com/	1970-01-20 14:00:53	Name: _gid Value: GA1.2.1610327124.1691967530
.paleohacks.com/	1970-01-20 13:59:27	Name: _gat_UA-42752472-1 Value: 1
blog.paleohacks.com/	1970-01-20 13:59:29	Name: session_depth Value: blog.paleohacks.com%3D1%7C726657258%3D1
.paleohacks.com/	1970-01-20 13:59:27	Name: _dc_gtm_UA-81910700-1 Value: 1
.paleohacks.com/	1970-01-20 16:09:03	Name: _fbp Value: fb.1.1691967529952.1468753089
.blog.paleohacks.com/	1970-01-20 22:45:03	Name: _pin_unauth Value: dWlkPVltRmxaRFU1WldZdFlqaGlOeTAwTmpFMkxUazRaRFV0WWpnMk9ERTNaVEJpTURZeA
.paleohacks.com/	1970-01-20 23:35:27	Name: _ga_RWB4GYKC4G Value: GS1.2.1691967530.1.0.1691967530.60.0.0
.paleohacks.com/	1970-01-20 23:35:27	Name: __attentive_id Value: 425b64f38d5a4889b919e086dcc153fb
.paleohacks.com/	1970-01-20 23:35:27	Name: _attn_ Value: eyJ1Ijoie1wiY29cIjoxNjkxOTY3NTMwMTY5LFwidW9cIjoxNjkxOTY3NTMwMTY5LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjQyNWI2NGYzOGQ1YTQ4ODliOTE5ZTA4NmRjYzE1M2ZiXCJ9In0=
blog.paleohacks.com/	1970-01-20 23:35:27	Name: __attentive_cco Value: 1691967530170
.paleohacks.com/	1970-01-20 13:59:29	Name: __attentive_pv Value: 1
.paleohacks.com/	1970-01-20 13:59:29	Name: __attentive_ss_referrer Value: ORGANIC
.paleohacks.com/	1970-01-20 14:00:53	Name: __attentive_dv Value: 1
blog.paleohacks.com/	1970-01-20 14:42:39	Name: advanced_ads_pro_server_info Value: %7B%22vc_cache_reset%22%3A0%7D
blog.paleohacks.com/	1970-01-20 14:42:39	Name: ph-popup Value: shown
.adform.net/	1970-01-20 14:44:05	Name: C Value: 1
.de17a.com/	1970-01-20 22:37:51	Name: guid Value: 1.2775814189766089073
.w55c.net/	1970-01-20 23:31:08	Name: wfivefivec Value: zyJLY5GM1Qvk2T5
.adform.net/	1970-01-20 15:25:51	Name: uid Value: 2497802338827888352
.w55c.net/	1970-01-20 14:42:39	Name: matchgoogle Value: 5
.everesttech.net/	1970-01-20 22:45:03	Name: everest_g_v2 Value: g_surferid~ZNlgKwAAA_aHUQAb
.turn.com/	1970-01-20 18:18:39	Name: uid Value: 7676750679235105919
.googleadservices.com/	1970-01-20 16:09:03	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 23:21:03	Name: IDE Value: AHWqTUk_ro2M1ZmucTXUMtdlwYHm0SFqYCpT6spNdFcyGoi_MTLHL4vHJn9wKpyGvy0
.paleohacks.com/	1970-01-20 23:21:03	Name: __gads Value: ID=dd3b14bdd2582605:T=1691967531:RT=1691967531:S=ALNI_MZMlHWljYMF-DHy2G3U5tV4qu-Glw
.paleohacks.com/	1970-01-20 23:21:03	Name: __gpi Value: UID=00000c5fd8baaa12:T=1691967531:RT=1691967531:S=ALNI_MaL-VlxnygdiwkPV6xqdaenCQ2yCg
.doubleclick.net/	1970-01-20 13:59:31	Name: DSID Value: NO_DATA
.blismedia.com/	1970-01-20 22:45:07	Name: b Value: 64D9602D1470EAD38C21CAB0BLIS
.mathtag.com/	1970-01-20 14:42:39	Name: mt_mop Value: 4:1691967534
.yahoo.com/	1970-01-20 22:45:25	Name: A3 Value: d=AQABBC1g2WQCECzwgW3zZ8uRdwMgobCkkYIFEgEBAQGx2mTjZAAAAAAA_eMAAA&S=AQAAAhVdkoG3suNfVgXbLu_ClcY

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://api.ipify.org/?format=json Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
network	error	URL: https://paleohacks.lpages.co/leadbox/144718873f72a2%3A13300845e746dc/5765867027562496/?lp-in-iframe=1&mpcampaignid=10061339&__fromjs=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paleohacks.lpages.co/leadbox/144718873f72a2%3A13300845e746dc/5765867027562496/?lp-in-iframe=1&mpcampaignid=10061339&__fromjs=1 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

178194.tracking.hyros.com
ad.turn.com
api-js.mixpanel.com
api.ipify.org
assets.pinterest.com
blog.paleohacks.com
c1.adform.net
cdn.ampproject.org
cdn.attn.tv
cdn.mxpnl.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
csi.gstatic.com
ct.pinterest.com
d5p.de17a.com
dclk-match.dotomi.com
dee61e78a938e48e47f030360dc4a053.safeframe.googlesyndication.com
dis.criteo.com
events.attentivemobile.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
lg3.media.net
links.paleohacks-mailing.com
log.pinterest.com
pagead2.googlesyndication.com
paleohacks.attn.tv
paleohacks.lpages.co
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
r4---sn-4g5edndz.gvt1.com
redirector.gvt1.com
region1.analytics.google.com
rr3---sn-4g5e6nzl.googlevideo.com
s.pinimg.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
track.mypaleorecipe.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
api.ipify.org
104.18.25.214
104.18.9.64
104.75.89.75
142.250.186.130
151.101.2.49
151.101.64.84
178.250.1.9
184.30.20.22
184.30.24.22
185.29.132.241
2001:4860:4802:34::36
213.155.156.166
216.58.212.130
2600:1901:0:498c::
2600:9000:2127:5e00:1c:9484:cec0:93a1
2606:4700:10::6816:12c
2a00:1450:4001:1a::9
2a00:1450:4001:3c::8
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9d
2a00:1450:400e:80f::2003
2a02:26f0:3500:892::1931
2a02:fa8:8806:12::1370
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3601:c824:b680:78be:61ca
2a06:98c1:3121::3
3.122.33.96
34.96.105.8
35.169.181.77
35.186.241.51
35.202.21.90
35.238.129.105
37.157.4.29
46.228.164.11
64.185.227.156
0128e563cfdd4beabe1edf1488c57094072f85cec6219dd04a3fb2be5d37cf84
036292f3508c4bc501229b877bf4768d898b3cdf8739f2c1baa015158126c2cd
03b0df87eee4f790c240ab1d6bc59ce2295ce8773146dbe4b54c4a41f634beb9
05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d
07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7
0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122
0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d89b26e99cfe7ad5a1e2d031a25d02d71aceb92d6578b55922040799dbac710
11715aec7f7cf76332d464d65a2ce85ed2c12fc4a90cadf0e191418af2df3d7e
1222ceb8785b6542345167cb0dc4ec3c26b1d71ccf441ad9838946324e108e68
1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14569cb71a2d18408dcee2434292bb0bcfd8b78d791f01bb371d0f7e465b7c6b
150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92
159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434
15d7b13e7c438f4fb9c6b2f9940e9193c9a25c1bb1ed4625d1badbac8882db2f
1838efd1e3c2c5105de4c7fcac86ce290c80fedb89d4131e1d990ff4a9d4e83f
18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082
194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88
1a200068a281e0b98ad769df929a429a1fa5f940535f041ed511ab4944dbfc80
1a6778639759f20ac4c647b91f5620427756b3b59a3d1e05b544a90a75e4bf8c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d16b3096152894da9540e7f1f5d908d906e1d7739731a350c049a626e0c3cd4
1e3082ac9be0c0a68fab5c0a3163d96bc63fe3cdcab1586f47c4bf1f56113f9b
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
21f25f7bc7b9666cbf2a6dff9d5e82c5f8ca9b60afda6726fa78e8f80ab32f56
222e024a119ff514e245cc07990f912a400c337efce19b567a6661d23c310938
285cf73c5e05e005d99708d895807383ba5f8f88ceae6cb091fc8e7d9601294f
2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93
2e3f35ef16137f3f87cd0cc493c1f4af4d7d757a3bb28601525d87c6520b899c
3065dea2a26b0929e91fae8e967374aac27b98fa39c302f4ae892b362f6c1ced
315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
337548e5a49f9b0543f04e26958548f23cf9914ba71aecc4de6005597dd7a910
33938005cb281e0e6cc43620a4ceeada714e35377d95de4e311cf89b2a82cd6d
3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c2208c5318a29b0fb705d081edb6ff22949ff544bce045fd5b8b05c0b70c114
3fa1b6a9b9523afaa550b74f38810b798e97a59b9c164ba67b4914c8dc493f50
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
4058e4f15caa39107c8f7e3de5c6779041c7b17a213d82c5c9743410e0484ab0
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
41217485eabe11079f62262cd7efb86ef5c2fe2886f9fc34e6cf433732206863
4390638e76d0b4b63b9c290db13a9ad38a82736135af43e86ee154491ccd2cd4
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4627a47f289fd2cc6035d7ceee7f885f6daeaf1ded69378f8283d27ec5712169
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a6d3380cf89ad6b678478ccb347dc3ddeadcf7ca344bfc842424aaf7bfd025
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49044643b4fe027dea5a7ca6abc8161d0f5fec5980dc1e66cbcd0762d4c182c2
49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c
495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4
49c5d2055dbe6c02a4db8107cc4ca7f4660be1207bea0186374d5430647cd9c7
4d7044491640c5d370f9a42167408db62fc24ffa29f0b58040df07777138c9e5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014
50d434eb90776c8fbb4f0e0cbcb2c1ad299bffe0a1930e587cc0347be64bb839
52d3e5c9fb15f3cfd863ca4b8d2144e308acbce5b319dee97f70661130c3878c
530699399fd7548a91ac3f2bb58609584569f0520fbaa67c6dbe625cde7a5e0f
53270b71935310d01091c385fb610d324d59e3cb15354e98762445f658cb64bb
5517acae2f83cb92cf756a98d0f93e094084763764a615d3c60f4a0ffa5d38da
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5891185bbadfceb49591b012abeeea967dca978a653930a6ca23863d9a3f4c92
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
643bfb352ed5d2963800037eddc5386b836177703ef9319b68d8b90e1ebc6896
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67443dc1fc8c2ff18fcedd8ec83f1a3fa78b594a2f5c70dde63a4fd899534ede
6878b4c04dcb447d6b39de2d0ebca089e6c3d8196af59c6aea6269b9b0996bee
68ecba078ab3e2da62ce4574f90f7fc83e6dd0e68bf04ad1726d44468e6db9b0
6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2
6cf8215e45f379b63425323398429061d3ae9350a0e5dcc675e2a7c48019361d
6e5c40a4d24412d23dc4e4def2309b719ff2942504a2bd9c867944e66ad174cd
708970c58cd4f871a3f3ffb9309d7e696a537afd00fc7e0d78ccf21137032136
723df3c7d7a3d796cd19b2d214c09340b55cf08e08d26cdf29848731527239ce
72bce1d8441437e210c0a053e087f0444869afedab4bba9aaa2bcd4d3419da7c
735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4
755313ac3cb953d818fd8f3344a3ebf9fd2101223dffa2278b5499e927f9a574
7582de85ba13e92e3e34c23ed002b60023d07f897c670f1967e7663b7cc3d875
77f9962a622a241decfe5721c5fd2a68f871f223088b4423b99a996679de7631
78d51876e19ed55833c73a4994bf979c4a40d4f028547ba81437b2b57eed120d
79148d3b353f75f4b122ec75e03dd4470a1878599a5f148123f103cfdae350ec
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
818c5c8303e1864eaeee7f50ec8b5eae3a1bae533d3077b43c388d43bd76e860
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e
842c4861ef314ec1b74018e5cf21c3844d7a73e2ab77ccf118abbaba0e6b1535
843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
869d3767805b1c7b11b2df755e7cb769ee1b450553d87c374e19cb535a6afd2e
87d0cc6bfa46d38da4abcbc18fb2d5c893c43add2ee2b0f04e0e805cf0455c3a
8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
8db66be4622d44dabf5b23e0701217d2c0134ff49172c7bc3a69ccc6305c6938
8dfadec2fc0e69d74d56a705198080d59e6581a6730093e356f8cee9b801991e
8f1e6835411646996e70a522387d1dc1a3f649e23dea9716c733ca3e43c9f441
903d8d5de01ac0b9aedf5aecbf964498c581cbf6656751999560442e6cc700b9
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94de4f783ba7c57d7ce8932e3ef6b26f064e54d42c66ec30f43e5733a22faa7e
95c18c65e5a96cb0dd4ccc52832d3e99e98fd39933f8e95adb94507c5cc62d71
96c3109f17ea7187bfedfde17eae1283ef7e753787e05966e76145af2126312e
96e2c81ad267e34acb307e61ebfdfd18bf9d2943cf9e83e12ec0fe8856787b29
9771d928e37f1954111a1f3a72c184b97317783c06ec2b7ecd9f28863edea77f
97a24ab2121a3edfe321439c72a3895c337c957632c8d6d9f112c4c1e944eba9
9869bf7378443c517c75368aa8b6fa24787dc1d3b3a355daa7d2924564e9c320
9a626eea4812f44a7c5a81cb5390d4183fb2985c9572de359d49fe77d02d7f8d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a1c567bb011dd03e0f82ca59e8587304f837fb21213d08f767d7d134da7e5b70
a209db7abe7fb22fa70e8586572f09b80829da81a89dfcc1ee4132506d15b62d
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a3c6048948c57aae55beef92d5a18abce757ad2783354a2eda068b14798e5a75
a42e49f14bfc0b40393b43f5e10483665b442bed4226ddac38e02a6fb200f8f8
a63284d0b07236a49f89dd197f9aa2ea595e314e750b5d42834fbda2f7cba411
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a85e412768c5b8acd35ab72de250395dd232a9b37b6f2a229397a4ee74b1f322
a9b1746c47e90b996aef35bc66950b04461453f2bc6e5eeb89bc7629bc447dbb
aa0d6c798742eedb9be8babd47ebaaace2c45e45d1bb86a4b1bf55a827980b91
aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac69914e2139f8eddaee80cb7e3a59b78356cf4a9c638af0cc6f0c147471a455
ac9539b6ef8138093d54518d316c0c1e154bdca5e65f2d3bf82ab3ea6e572f58
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
af96bd176c6eaa479ffaabedb2b14745bbbe5167067052301d874e690a5adc7f
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b3e0e5db2674fb727b63871f299ea9f146ce45e3e3ed0c583f4ffdfb6fafb7ab
b6d2bf98ba390942ed0ef88219651a9e8fb691b242057675f2bc6eebc7b51420
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b7203ef7f18e8e70e9991515982b3bbd43524cf048e9591b7aab1e80db938774
b7eacd311c7864316020996ac805efb086bc5f9982ab93fd02032eb83450d31f
b8df34eb5ba6fce70650937c2483ea2de6fabfce0d1a464c13da3af0de333cdf
c0713ea500e4a6a33fbed93ce88ecfcc3333bbdce608f5f07fddf8ac74337f8f
c1be9f83e44f68ace4eee63b3dc6bb421dd413e0819bab3fccb484c3ed0dca87
c280a532f1bfe942302340b698487d9fc32c8f5f0916fb27b3dc528d43226802
c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c79fa1e22ae47fd00860dad5c471b16c686c8373b4767145929fc1ff1e2dba07
c95177295b33675bd5c98332e83bd05b669dff217fd61dd19ecb2d18fdcbcd2d
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596
ce7b37027a65f40822994651c0e09e78a474cda90f8ce1cee5b4010a60d8c206
cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4
cfe1f77b12ef6f3b2459d4e59c87f7aee1747943d643b1e1f132be26de5f8bd5
d208e58d78460c136ccffd216d0785beab49bf2ac0ed23851ea622241ce9e677
d371a384b7bb8b79f2cfc828aa4d9dc61481834193c555bd37abd10ddb0bef7c
d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
dce9289b62262c4542d4d2528e4f512fc950e1f0cc0571cddf830647113bf5a4
dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e33a708ad9d04c864fdd86f9ccfdfbbdf24c3b2585bed619367ba4c4747c4e20
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be
e4c6a39cdb1f2dab900d10c83275e2e72e795325924c731d8fa0c49b9ec5ccb8
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
eda5c706167a9f28499ef545e40cdb6248e42e05aef57c52cc2584176a569dfb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7eefbcd3ff3357415aa7923cf3bdd685354269bf1be05d3711e77b0db9e32d9
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822
fb4030bfa42716d19ae274676604a4d4dec5277ab60c4dcd64e61d0df5f9c573
fc3707cf7ca24e2c53845265949af4ba2d3e0321a15850eda7535af9e6115471
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd386afa44d059e6ca715a93b137ed3f3129d0256ee732ce7f7379646daebd87
fdc0768b7fd9802a34f8da85dd3c684200c839ac5239354f8d993c8b5c10d2a8
ffd9ceb54844f1a6800c24b87b30d1770fbc74b9dad31637b6a487f7e11c7031

blog.paleohacks.com Open in urlscan Pro 2606:4700:10::6816:12c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

274 Requests

94 %HTTPS

58 %IPv6

39 Domains

53 Subdomains

43 IPs

10 Countries

5235 kBTransfer

9698 kBSize

35 Cookies

19 Outgoing links

Page URL History

Redirected requests

274 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.paleohacks.com Open in urlscan Pro
2606:4700:10::6816:12c Public Scan

Screenshot
Live screenshot

Full Image

274
Requests

94 %
HTTPS

58 %
IPv6

39
Domains

53
Subdomains

43
IPs

10
Countries

5235 kB
Transfer

9698 kB
Size

35
Cookies

274 HTTP transactions
12 data transactions