paletton.com Open in urlscan Pro
67.20.76.187 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.colorschemedesigner.com/
Effective URL:
http://paletton.com/
Submission: On February 17 via api (February 17th 2020, 2:35:33 pm UTC) from US

Summary HTTP 199 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 54 IPs in 7 countries across 43 domains to perform 199 HTTP transactions. The main IP is 67.20.76.187, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is paletton.com.

This is the only time paletton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	67.20.76.187 67.20.76.187	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	152.195.132.202 152.195.132.202	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::681c:1be7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
3 6	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700:20:... 2606:4700:20::681a:b64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	143.204.90.242 143.204.90.242	16509 (AMAZON-02) (AMAZON-02)
9	54.76.246.227 54.76.246.227	16509 (AMAZON-02) (AMAZON-02)
4	67.202.110.22 67.202.110.22	32748 (STEADFAST) (STEADFAST)
1	213.19.147.210 213.19.147.210	26120 (RHYTHMONE) (RHYTHMONE)
22 55	152.199.22.24 152.199.22.24	15133 (EDGECAST) (EDGECAST)
4	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
4	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT)
2	35.156.238.40 35.156.238.40	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	52.49.211.59 52.49.211.59	16509 (AMAZON-02) (AMAZON-02)
2	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	91.228.74.179 91.228.74.179	27281 (QUANTCAST) (QUANTCAST)
1 1	2a00:1450:400... 2a00:1450:4001:815::2014	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2014	15169 (GOOGLE) (GOOGLE)
1 2	2600:9000:215... 2600:9000:2156:b200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 5	91.228.74.148 91.228.74.148	27281 (QUANTCAST) (QUANTCAST)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
7	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	129.146.196.240 129.146.196.240	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
13	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
2	68.183.31.14 68.183.31.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:b9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
1	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.214.194.133 74.214.194.133	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
4	208.100.17.176 208.100.17.176	32748 (STEADFAST) (STEADFAST)
2	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1	23.37.55.184 23.37.55.184	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	52.57.106.47 52.57.106.47	16509 (AMAZON-02) (AMAZON-02)
4	52.29.22.127 52.29.22.127	16509 (AMAZON-02) (AMAZON-02)
2	52.215.109.156 52.215.109.156	16509 (AMAZON-02) (AMAZON-02)
1	74.214.194.140 74.214.194.140	59940 (PULSEPOIN...) (PULSEPOINT-EU)
199	54

28 67.20.76.187 (Provo, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: host2027.hostmonster.com

www.colorschemedesigner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
paletton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.195.132.202 (United States)

ASN15133 (EDGECAST, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::681c:1be7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adapex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.210.248.44 (Netherlands) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:b64 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mrb.upapi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.90.242 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-242.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.76.246.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-246-227.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.202.110.22 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-110.static.steadfastdns.net

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 152.199.22.24 (United States) 22 redirects

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.238.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-238-40.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.211.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-211-59.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.179 (United Kingdom) 1 redirects

ASN27281 (QUANTCAST, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2014 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ajaxhttpheaders.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajaxhttpheaders2.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:b200:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 91.228.74.148 (United Kingdom) 3 redirects

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 129.146.196.240 (United States)

ASN31898 (ORACLE-BMC-31898, US)

api-public-oci-origin.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

served-by.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:b9c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

pixfuture2-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.133 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 208.100.17.176 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip176.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.55.184 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.106.47 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-106-47.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.29.22.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-22-127.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.109.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-109-156.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.140 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	advertising.com 26 redirects adserver-us.adtech.advertising.com pixel.advertising.com	15 KB
27	paletton.com paletton.com	409 KB
23	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	469 KB
13	ampproject.org cdn.ampproject.org	296 KB
13	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	102 KB
9	gumgum.com g2.gumgum.com	6 KB
8	33across.com ssc.33across.com ssc-cms.33across.com	1 KB
7	quantserve.com 4 redirects edge.quantserve.com pixel.quantserve.com	9 KB
7	addthis.com 3 redirects s7.addthis.com api-public.addthis.com api-public-oci-origin.addthis.com	190 KB
6	adnxs.com ib.adnxs.com acdn.adnxs.com	5 KB
5	pixfuture.com served-by.pixfuture.com cdn.pixfuture.com	120 KB
5	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	7 KB
4	yahoo.com ups.analytics.yahoo.com	496 B
3	googletagservices.com www.googletagservices.com	69 KB
3	google.com 2 redirects adservice.google.com www.google.com	717 B
3	amazon-adsystem.com c.amazon-adsystem.com	29 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	59 KB
2	adsrvr.org match.adsrvr.org	528 B
2	contextweb.com bid.contextweb.com bh.contextweb.com	368 B
2	openx.net pixfuture2-d.openx.net eu-u.openx.net	550 B
2	gstatic.com fonts.gstatic.com	31 KB
2	facebook.com graph.facebook.com	2 KB
2	quantcount.com 1 redirects rules.quantcount.com	783 B
2	appspot.com 1 redirects ajaxhttpheaders.appspot.com ajaxhttpheaders2.appspot.com	1 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	districtm.io dmx.districtm.io cdn.districtm.io	437 B
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	113 B
2	sharethrough.com btlr.sharethrough.com	220 B
2	upapi.net 1 redirects mrb.upapi.net	223 KB
2	paypalobjects.com www.paypalobjects.com	2 KB
2	cookielaw.org cdn.cookielaw.org	20 KB
1	mgid.com prebid.mgid.com	583 B
1	addthisedge.com v1.addthisedge.com	674 B
1	moatads.com z.moatads.com	1 KB
1	google.de adservice.google.de	171 B
1	yieldmo.com ads.yieldmo.com	34 B
1	casalemedia.com as-sec.casalemedia.com	984 B
1	1rx.io tag.1rx.io	266 B
1	onetrust.com geolocation.onetrust.com	221 B
1	googletagmanager.com www.googletagmanager.com	20 KB
1	jquery.com code.jquery.com	30 KB
1	adapex.io cdn.adapex.io	85 KB
1	colorschemedesigner.com 1 redirects www.colorschemedesigner.com	214 B
199	43

	Domain	Requested by
55	adserver-us.adtech.advertising.com	22 redirects paletton.com
27	paletton.com	paletton.com cdn.adapex.io ajax.googleapis.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net paletton.com cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
13	cdn.ampproject.org	securepubads.g.doubleclick.net
9	g2.gumgum.com	cdn.adapex.io cdn.pixfuture.com
9	pagead2.googlesyndication.com	paletton.com pagead2.googlesyndication.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net paletton.com
5	pixel.quantserve.com	3 redirects paletton.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com paletton.com
4	ups.analytics.yahoo.com
4	pixel.advertising.com	4 redirects
4	ssc-cms.33across.com	cdn.adapex.io
4	fastlane.rubiconproject.com	cdn.adapex.io
4	ib.adnxs.com	cdn.adapex.io cdn.pixfuture.com
4	ssc.33across.com	cdn.adapex.io
3	cdn.pixfuture.com	served-by.pixfuture.com cdn.pixfuture.com
3	www.googletagservices.com	pagead2.googlesyndication.com paletton.com securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	cdn.adapex.io c.amazon-adsystem.com
3	s7.addthis.com	1 redirects paletton.com s7.addthis.com
2	match.adsrvr.org	cdn.pixfuture.com
2	acdn.adnxs.com	cdn.adapex.io cdn.pixfuture.com
2	www.google.com	2 redirects
2	fonts.gstatic.com	paletton.com
2	served-by.pixfuture.com	securepubads.g.doubleclick.net paletton.com
2	api-public-oci-origin.addthis.com	paletton.com
2	api-public.addthis.com	2 redirects
2	graph.facebook.com	s7.addthis.com
2	rules.quantcount.com	1 redirects paletton.com
2	edge.quantserve.com	1 redirects paletton.com
2	www.google-analytics.com	paletton.com
2	btlr.sharethrough.com	cdn.adapex.io
2	mrb.upapi.net	1 redirects paletton.com
2	www.paypalobjects.com	paletton.com
2	ajax.googleapis.com	paletton.com
2	cdn.cookielaw.org	paletton.com cdn.cookielaw.org
1	bh.contextweb.com	cdn.pixfuture.com
1	eu-u.openx.net	cdn.pixfuture.com
1	ads.pubmatic.com	cdn.adapex.io
1	eus.rubiconproject.com	cdn.adapex.io
1	cdn.districtm.io	cdn.adapex.io
1	bid.contextweb.com	cdn.pixfuture.com
1	prebid.mgid.com	cdn.pixfuture.com
1	pixfuture2-d.openx.net	cdn.pixfuture.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	paletton.com
1	ajaxhttpheaders2.appspot.com	paletton.com
1	ajaxhttpheaders.appspot.com	1 redirects
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	dmx.districtm.io	cdn.adapex.io
1	ads.yieldmo.com	cdn.adapex.io
1	hbopenbid.pubmatic.com	cdn.adapex.io
1	as-sec.casalemedia.com	cdn.adapex.io
1	tag.1rx.io	cdn.adapex.io
1	geolocation.onetrust.com	code.jquery.com
1	www.googletagmanager.com	paletton.com
1	code.jquery.com	cdn.cookielaw.org
1	cdn.adapex.io	paletton.com
1	www.colorschemedesigner.com	1 redirects
199	61

This site contains links to these domains. Also see Links.

Domain
cookiepedia.co.uk
onetrust.com
pixy.cz

Subject Issuer	Validity	Valid
sa437gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-05-17` - `2020-08-19`	2 years	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2019-12-09` - `2021-12-13`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-05` - `2020-10-09`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2018-03-12` - `2020-06-14`	2 years	crt.sh
*.gumgum.com Amazon	`2019-07-31` - `2020-08-31`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.adtech.advertising.com DigiCert SHA2 High Assurance Server CA	`2018-05-22` - `2020-05-26`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.sharethrough.com Amazon	`2019-10-07` - `2020-11-07`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.yieldmo.com Amazon	`2019-09-20` - `2020-10-20`	a year	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2019-03-26` - `2020-03-26`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.appspot.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.addthis.com DigiCert SHA2 Secure Server CA	`2019-02-04` - `2021-02-03`	2 years	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
ssl382684.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-07` - `2020-05-15`	6 months	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
served-by.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-15` - `2021-04-24`	2 years	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-16` - `2020-05-16`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-10-30` - `2020-04-27`	6 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh

This page contains 22 frames:

Primary Page: http://paletton.com/
Frame ID: 8B32577F89FFEB2DCD99BB66C6CA0C4A
Requests: 125 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/zrt_lookup.html
Frame ID: E495747F8F0BDD9526901B949291FE1A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3730271461974795&output=html&h=15&slotname=3692792068&adk=945085698&adf=2671766170&w=728&lmt=1573463324&psa=0&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fpaletton.com%2F&flash=0&wgl=1&adsid=NT&dt=1581950111752&bpp=17&bdt=848&fdt=153&idt=153&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6588269858399&frm=20&pv=2&ga_vid=1591886775.1581950112&ga_sid=1581950112&ga_hid=127874135&ga_fc=0&iag=0&icsg=34376512160&dssz=33&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=391&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=1006780386306090&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=cJmvyOvMgG&p=http%3A//paletton.com&dtd=168
Frame ID: 555FFC951AF71E5F4524137A1B1A7602
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3730271461974795&output=html&adk=1812271804&adf=3025194257&lmt=1573463324&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpaletton.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1581950111830&bpp=6&bdt=926&fdt=139&idt=139&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=3692792068&nras=1&correlator=6588269858399&frm=20&pv=1&ga_vid=1591886775.1581950112&ga_sid=1581950112&ga_hid=127874135&ga_fc=0&iag=0&icsg=35218748600992&dssz=34&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=1006780386306090&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&dtd=144
Frame ID: 204681F38A789D4F084AE4249F7B7BB4
Requests: 1 HTTP requests in this frame

Frame: http://paletton.com/preview/default.html
Frame ID: 007F9B7C8714CF6A078AF6843805C851
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032002112037430/amp4ads-v0.js
Frame ID: 5A2652EF7278D75AF970769AB3EB865B
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032002112037430/amp4ads-v0.js
Frame ID: D3C79EF763C05E158353485C9F58572E
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032002112037430/amp4ads-v0.js
Frame ID: 16592C1CF1AB3932B3D42190F92080EE
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstry_fieA7rbm8JdKp2PqFrC9Yp1BijJD8hFVU-ptU9O6p91VZVNjA_9meqv8YsVGLxeIHC0BjadOZAGQEsJpdWL_jrGq0vWjiLoL5Giqigop3mGyGK8oYO_Na5y_s8SFN34ywWI6cPm5PNPm4BNCG-ngaP4oPm_gBU5sWnX9lHv7hrkHxt59aQ8GU_IG4Xc5HCJl1WgNN37BrApeQXU4JH1MX4sHxAeGGB8FgSn4AS1T-ip6uAeZka6LoSZ5I1ke76r6JxOeJk5oTa2ug&sig=Cg0ArKJSzDCm2JzvzwjAEAE&urlfix=1&adurl=
Frame ID: 4EC9CADE0604B6DD72F6B38B5040BABE
Requests: 4 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax.js
Frame ID: 2BFFAF8489D3D660100C23F97EBFC255
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: 4386175B69958226799A3662E630EE49
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a5OAvyipCr6QqaaKlId8sQ&gdpr_consent=undefined
Frame ID: E795F2D2989A4309513397F49EB1539B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 540BBE67C59FAFAF4AFFB9025D15DF09
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 41A4665B5A7C301D6CC57F00D11A82C5
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bdaUuWipCr6QqaaKlId8sQ&gdpr_consent=undefined
Frame ID: 05D821E4864C5C624484179B9A7946BD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4E3073837E964A14D1E2FACA8544BE51
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a-jbSKipCr6QqaaKlId8sQ&gdpr_consent=undefined
Frame ID: 03C7029BFA7093E1850A243DB53E946C
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a1qoh-ipCr6QqaaKlId8sQ&gdpr_consent=undefined
Frame ID: 93D8DED0CC36C8EDFD5E2CC768C410F9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1965B33AE582FC6863DD9FA904496B59
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 4ABEE6440986B94672766AAA10C26B16
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: B0FF8856AB107DDED3EE7658907C1B37
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: B0B54ED24EBB78BB3F46BE2D6B5F7572
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.colorschemedesigner.com/ HTTP 301
http://paletton.com/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /require.*\.js/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

Page Statistics

199
Requests

80 %
HTTPS

41 %
IPv6

43
Domains

61
Subdomains

54
IPs

7
Countries

2214 kB
Transfer

5683 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More Information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: http://pixy.cz/index-en.html
Title: Petr Stan�cek

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.colorschemedesigner.com/ HTTP 301
http://paletton.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 14

http://mrb.upapi.net/code?w=5684516622434304&uponit=true HTTP 301
https://mrb.upapi.net/code?w=5684516622434304&uponit=true

Request Chain 37

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712

Request Chain 38

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712

Request Chain 39

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712

Request Chain 40

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713

Request Chain 41

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713

Request Chain 42

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713

Request Chain 43

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713

Request Chain 44

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713

Request Chain 45

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713

Request Chain 46

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713

Request Chain 65

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 67

http://edge.quantserve.com/quant.js HTTP 301
https://edge.quantserve.com/quant.js?https_upg=1

Request Chain 73

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;apid=1Ab44a1b16-5192-11ea-b950-12724de64e5e;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713

Request Chain 74

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;apid=1Ab449e9ac-5192-11ea-b235-126de4777bf4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712

Request Chain 75

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;apid=1Ab44a5c34-5192-11ea-a94b-12ae2f50edf6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713

Request Chain 76

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;apid=1Ab44a401e-5192-11ea-bb6c-1283af18fee8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712

Request Chain 77

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;apid=1Ab449d908-5192-11ea-b728-1200a56dfbc2;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713

Request Chain 78

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;apid=1Ab449ad70-5192-11ea-9d3c-120d915f11b6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712

Request Chain 79

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;apid=1Ab4712062-5192-11ea-8e99-12bf277b9278;cfp=1;rndc=1581950112;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713

Request Chain 80

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;apid=1Ab449dc28-5192-11ea-be94-12795fd23bd8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713

Request Chain 81

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;apid=1Ab44a2156-5192-11ea-99ad-122675b00be4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713

Request Chain 82

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;apid=1Ab44a59aa-5192-11ea-89f4-121ea8d7377c;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713

Request Chain 84

http://ajaxhttpheaders.appspot.com/?callback=jQuery210012371402609862314_1581950111426&_=1581950111427 HTTP 302
https://ajaxhttpheaders2.appspot.com/?callback=jQuery210012371402609862314_1581950111426

Request Chain 95

http://rules.quantcount.com/rules-p-2BE0Kd0wKmfYD.js HTTP 301
https://rules.quantcount.com/rules-p-2BE0Kd0wKmfYD.js

Request Chain 97

http://pixel.quantserve.com/pixel;r=545498096;rf=0;a=p-2BE0Kd0wKmfYD;url=http%3A%2F%2Fpaletton.com%2F;fpan=1;fpa=P0-1465918661-1581950112334;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1581950112334;tzo=-60;ogl= HTTP 301
https://pixel.quantserve.com/pixel?https_upg=1&r=545498096;rf=0;a=p-2BE0Kd0wKmfYD;url=http%3A%2F%2Fpaletton.com%2F;fpan=1;fpa=P0-1465918661-1581950112334;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1581950112334;tzo=-60;ogl=

Request Chain 108

http://www.google-analytics.com/collect?v=1&_v=j81&a=127874135&t=pageview&_s=1&dl=http%3A%2F%2Fpaletton.com%2F&dp=%2Fview%2Fdefault&ul=en-us&de=UTF-8&dt=App%20(default)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KChAgAAB~&jid=195036291&gjid=896594991&cid=1591886775.1581950112&tid=UA-51179325-1&_gid=1865696587.1581950112&cd1=en&cd2=mono&cd3=&z=480399899 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j81&a=127874135&t=pageview&_s=1&dl=http%3A%2F%2Fpaletton.com%2F&dp=%2Fview%2Fdefault&ul=en-us&de=UTF-8&dt=App%20(default)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KChAgAAB~&jid=195036291&gjid=896594991&cid=1591886775.1581950112&tid=UA-51179325-1&_gid=1865696587.1581950112&cd1=en&cd2=mono&cd3=&z=480399899

Request Chain 121

http://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fpaletton.com%2F&callback=_ate.cbs.rcb_2as90 HTTP 308
https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fpaletton.com%2F&callback=_ate.cbs.rcb_2as90

Request Chain 123

http://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fpaletton.com%2F&callback=_ate.cbs.rcb_hl2f0 HTTP 308
https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fpaletton.com%2F&callback=_ate.cbs.rcb_hl2f0

Request Chain 154

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 155

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 162

http://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif HTTP 307
https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Request Chain 170

https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604

Request Chain 174

https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;apid=1Ab68758a8-5192-11ea-8b54-12fd82435158;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604

Request Chain 190

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158

Request Chain 192

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=m53x2c_MpI6DwPCJyMDojc3P_YCDnPbcz8mIYscB HTTP 302
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=m53x2c_MpI6DwPCJyMDojc3P_YCDnPbcz8mIYscB&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158

Request Chain 197

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=m53x2c_MpI6DwPCJyMDojc3P_YCDnPbcz8mIYscB HTTP 302
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=m53x2c_MpI6DwPCJyMDojc3P_YCDnPbcz8mIYscB&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158

Request Chain 198

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158

199 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
paletton.com/
Redirect Chain

http://www.colorschemedesigner.com/
http://paletton.com/

21 KB
8 KB

420ms
375ms

Document
text/html

67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 254e63edea574f9e1b451f8607cac6d2875a79ebd01e91313388419116b0263f

Request headers

Host: paletton.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 11 Nov 2019 09:08:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8026
Keep-Alive: timeout=5, max=75
Content-Type: text/html

Redirect headers

Date: Mon, 17 Feb 2020 14:35:10 GMT
Server: nginx/1.17.6
Content-Type: text/html; charset=iso-8859-1
Content-Length: 305
Location: http://paletton.com/
X-Server-Cache: false

GET
H/1.1 200
OK jquery-ui-1.10.4.custom.css
paletton.com/css/jqui/ 31 KB
8 KB 208ms
206ms Stylesheet
text/css 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/css/jqui/jquery-ui-1.10.4.custom.css
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 9275fc6aca0d205550d5dac655167f97ab867ac8d9daf3d809168a0cb1367e95

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Apr 2014 02:06:09 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 7455

GET
H/1.1 200
OK default2.css
paletton.com/css/css/ 40 KB
10 KB 374ms
359ms Stylesheet
text/css 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/css/css/default2.css?v=20180422-2
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: bb19a8170961c6177dcd5b1230737ee312e831994bc48272248b7bb464da4c11

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Nov 2019 10:23:04 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Cache-Control: max-age=3600, public, must-revalidate
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=75
Content-Length: 9437

GET
H2 200 0bd03cd2-b6e9-46b6-8759-aa6e795985d6.js Show response
cdn.cookielaw.org/consent/ 58 KB
14 KB 83ms
21ms Script
application/x-javascript 152.195.132.202
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/0bd03cd2-b6e9-46b6-8759-aa6e795985d6.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B33) /
Resource Hash: 73d7ea3d0a15f6d653a23bc31e35d81c6d75cb99cf2cc77ec3eeaa6907066044

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Feb 2020 14:35:10 GMT
content-encoding: gzip
content-md5: aRcU9MjsWVJzLd4DRoTEXg==
age: 281
x-cache: HIT
status: 200
content-length: 13918
x-ms-lease-status: unlocked
last-modified: Wed, 15 May 2019 16:25:11 GMT
server: ECAcc (ama/8B33)
etag: 0x8D6D951E74E7626
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 00e639ef-101e-0102-389e-e59c49000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Mon, 17 Feb 2020 18:35:10 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ 82 KB
29 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 00:30:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 1519504
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29478
X-XSS-Protection: 0
Expires: Sat, 30 Jan 2021 00:30:06 GMT

GET
H/1.1 200
OK jquery-ui-1.10.4.custom.min.js Show response
paletton.com/js/lib/ 223 KB
80 KB 387ms
372ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/js/lib/jquery-ui-1.10.4.custom.min.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 9a21963af0fc87d11e1deac7b030915e75fddf4378d2fa2eb55b8d6f6f453b44

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Apr 2014 02:08:15 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Cache-Control: max-age=3600, public, must-revalidate
Transfer-Encoding: chunked
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=75

GET
H/1.1 200
OK jquery.observehashchange.js Show response
paletton.com/js/lib/ 3 KB
2 KB 396ms
380ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/js/lib/jquery.observehashchange.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: a7fb846925485c1510f4e2aabb7d00e0e61cac8da30d5026ad73fcfec7a62351

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Apr 2014 02:08:18 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Cache-Control: max-age=3600, public, must-revalidate
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=75
Content-Length: 1190

GET
H/1.1 200
OK jquery.cookie.js Show response
paletton.com/js/lib/ 3 KB
2 KB 372ms
357ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/js/lib/jquery.cookie.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Apr 2014 02:08:17 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Cache-Control: max-age=3600, public, must-revalidate
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=75
Content-Length: 1425

GET
H/1.1 200
OK en.js Show response
paletton.com/js/lang/ 12 KB
4 KB 374ms
359ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/js/lang/en.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 39b8196df8565826ec39b8d848e26405d874f03ffe238ccfa8f253594f3393dc

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Nov 2016 22:01:55 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Cache-Control: max-age=3600, public, must-revalidate
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=75
Content-Length: 3867

GET
H/1.1 200
OK require.js Show response
paletton.com/js/lib/ 13 KB
7 KB 403ms
195ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/js/lib/require.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: dcdcd0277e3c5f2c9c4e7109b03ca071a9778bf73d147cbaac01af65d494fb3c

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Apr 2014 02:08:23 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 6723

GET
H/1.1 200
OK aaw.plt.js Show response
cdn.adapex.io/hb/ 269 KB
85 KB 25ms
18ms Script
application/javascript 2606:4700:3036::681c:1be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.adapex.io/hb/aaw.plt.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::681c:1be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77d7bc51e075befdd4abd0d954cf332032e2d8508f0451f7885ec2f48a340310

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:10 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 25512
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Last-Modified: Fri, 14 Feb 2020 08:07:19 GMT
Server: cloudflare
ETag: W/"5e465537-4343a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
CF-RAY: 56687c813802dfbb-FRA
Expires: Tue, 18 Feb 2020 07:29:16 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
38 KB 26ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63d544164b501354efc7b4a4654d5ae42ad6f70b9b6019280744099793d1347d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 12624081927940835341
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 38676
X-XSS-Protection: 0
Expires: Mon, 17 Feb 2020 14:35:10 GMT

GET
H2 200 btn_donate_SM.gif
www.paypalobjects.com/en_US/i/btn/ 1 KB
2 KB 65ms
22ms Image
image/gif 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donate_SM.gif

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

b14234740394e59287bce1f6f3a594a8f221b382552b35658f1ef15d16ee662b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 14:35:10 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 2627287
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 7188
strict-transport-security: max-age=31557600
content-encoding: br
x-served-by: cache-sjc10022-SJC, cache-hhn4056-HHN
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: Apache
x-timer: S1581950111.997972,VS0,VE0
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7776000
accept-ranges: none
expires: Sun, 17 May 2020 14:35:10 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 43 B
219 B 23ms
23ms Image
image/gif 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 14:35:11 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 2716827
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 101140
strict-transport-security: max-age=31557600
content-encoding: br
x-served-by: cache-sjc10042-SJC, cache-hhn4056-HHN
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: Apache
x-timer: S1581950111.023845,VS0,VE0
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7776000
accept-ranges: none
expires: Sun, 17 May 2020 14:35:11 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

349 KB
113 KB

27ms
26ms

Script
application/javascript

23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 20:57:37 GMT
server: nginx/1.15.8
etag: W/"5e2765c1-57446"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Mon, 17 Feb 2020 14:35:11 GMT
x-host: s7.addthis.com
content-length: 114924

Redirect headers

Date: Mon, 17 Feb 2020 14:35:10 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H2

200

code Show response
mrb.upapi.net/
Redirect Chain

http://mrb.upapi.net/code?w=5684516622434304&uponit=true
https://mrb.upapi.net/code?w=5684516622434304&uponit=true

702 KB
222 KB

42ms
22ms

Script
application/javascript

2606:4700:20::681a:b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrb.upapi.net/code?w=5684516622434304&uponit=true
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b1e5385e2bd0e9ee99b3d6620f8e543c94be7c2a51b8de9c9aec18dc6049b1b

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 14:35:11 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 3468
etag: W/"4b1b98de45161292a8545376fe16a99a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: public, max-age=1800, must-revalidate
cf-ray: 56687c826952634d-FRA
access-control-allow-origin: *

Redirect headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://mrb.upapi.net/code?w=5684516622434304&uponit=true
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 56687c820abddfff-FRA
Expires: Mon, 17 Feb 2020 15:35:11 GMT

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/4.9.0/default_flat_bottom_two_button_black/v2/css/ 23 KB
6 KB 22ms
21ms Stylesheet
text/css 152.195.132.202
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/skins/4.9.0/default_flat_bottom_two_button_black/v2/css/optanon.css
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/0bd03cd2-b6e9-46b6-8759-aa6e795985d6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8ADC) /
Resource Hash: 0bd0bc4edd5e4b256b9c40ce082680ad16a78ac5faf4d3337d39cf9605518bfe

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
content-md5: jzLE25vmrDR3ZmMxTSa8+w==
age: 6939
x-cache: HIT
status: 200
content-length: 5556
x-ms-lease-status: unlocked
last-modified: Thu, 19 Sep 2019 20:24:30 GMT
server: ECAcc (ama/8ADC)
etag: 0x8D73D3F60459E1C
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d0ff0fb3-e01e-0171-7a8f-e5ec8a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Mon, 17 Feb 2020 18:35:11 GMT

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 33ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/0bd03cd2-b6e9-46b6-8759-aa6e795985d6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-1538f"
Vary: Accept-Encoding
X-HW: 1581950111.dop162.fr8.t,1581950111.cds088.fr8.shn,1581950111.cds088.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30288

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 54 KB
20 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQW4RL7

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d76a8e2d992422c26e0b586d8cc3a53afe86aadf0c2dd4a34607e1e7d5cf27d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 20555
x-xss-protection: 0
last-modified: Mon, 17 Feb 2020 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Feb 2020 14:35:11 GMT

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
221 B 23ms
23ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery33104887950084064654_1581950111471&_=1581950111472

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 14:35:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 56687c84bc039790-FRA
content-length: 32

GET
H/1.1 200
OK app.compiled.js Show response
paletton.com/js/ 120 KB
43 KB 203ms
202ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/js/app.compiled.js
Requested by: Host: paletton.com
URL: http://paletton.com/js/lib/require.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 3177a76aadf4fe5c7ee7fba5823116009ca3bfd09a18671788aceb2d8ce46395

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Nov 2016 22:01:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600, public, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74

GET
H/1.1 200
OK noise.png
paletton.com/img/ 40 KB
41 KB 194ms
194ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/noise.png
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: c138155605cc246182faa0e74f267845732eff694ba80165b50e2a8f8e8cd8a3

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Last-Modified: Mon, 14 Apr 2014 02:06:31 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 41339

GET
H/1.1 200
OK apstag.js Show response
c.amazon-adsystem.com/aax2/ 87 KB
25 KB 43ms
28ms Script
application/javascript 143.204.90.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: HTTP/1.1
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: Server /
Resource Hash: ac2a58f9d55c4642121cfb6f7e213cbc882bbdd75ef171ca8a07ed982ef693ce

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 02:32:07 GMT
Content-Encoding: gzip
Server: Server
Age: 43384
ETag: 1dcfbf3986ee8b9c3abbc67eb808ab43
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Id: gViA2F51Kc_Y55Z3v2BQ6rW18YdS7HBPYqjW4HHhM_3jqNU4YNQing==

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 122 B
647 B 167ms
86ms XHR
application/json 54.76.246.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=35160&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpaletton.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9728&
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6feced225f1134e94b6f9b778013ea0e927b9ce58d3a7f8720af8930f742575e

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://paletton.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 122 B
648 B 127ms
46ms XHR
application/json 54.76.246.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=35161&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpaletton.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9728&
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0f9f3fd866f3844f9550519224ecd823d0e3b73f777a8dcd5a19b4e23086f0ff

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://paletton.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 122 B
647 B 159ms
79ms XHR
application/json 54.76.246.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=35162&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpaletton.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9728&
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ea679045dd07561623dc846f2cbe551e6e8b55215eba6a7f8277b5e4eb4bb350

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://paletton.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 122 B
649 B 185ms
105ms XHR
application/json 54.76.246.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=35163&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpaletton.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9728&
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6ef54cf7a14f28fa73ff16e2cf2c2c80a6ce3e7f7a7d50ca23536bf75cd9f0cb

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://paletton.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 122 B
651 B 127ms
47ms XHR
application/json 54.76.246.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=35164&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpaletton.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9728&
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cc1fb95027df07a44101766dce45818613ef71bb303cc01048db64bdc67247b6

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://paletton.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 122 B
648 B 182ms
102ms XHR
application/json 54.76.246.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=35165&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpaletton.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9728&
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0eef079fb017d308068b0016fe100dc714602ce0c4c35ada89198d61779fedb9

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://paletton.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 122 B
648 B 183ms
103ms XHR
application/json 54.76.246.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=35166&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpaletton.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9728&
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6e73a1c94f5b4f766aadfc4ab8ebe4c3f7c1df0da7e1ac52fbb6f045ef84e174

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://paletton.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 122 B
648 B 166ms
87ms XHR
application/json 54.76.246.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=35167&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpaletton.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9728&
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f45da9f3a4ea415dfee866003bcf6e20779b9d0f204d374772d50df7e3e78e1f

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://paletton.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H/1.1 200
OK bg-header.png
paletton.com/img/ 262 B
557 B 205ms
204ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/bg-header.png
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: c2b27caef0bf2dfca09290ec03af3d78a112724a6884d34c7b4a7350dc843f3e

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Last-Modified: Wed, 16 Apr 2014 13:20:43 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 262

GET
H/1.1 200
OK sprites.png
paletton.com/img/ 21 KB
21 KB 207ms
207ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/sprites.png
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 9e4e025c7f5a11e3c38a0a628d90e86f5abe8bedd33474cc56eecbbd531d41ad

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Last-Modified: Fri, 22 Aug 2014 11:12:19 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 21448

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
341 B 343ms
115ms XHR
application/json 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: / 33Across
Resource Hash: a7377883880a8df1adbcd3832b0eb7fb7a278e17bf7b188fe17696a4ed2f4a4c

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
341 B 343ms
116ms XHR
application/json 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: / 33Across
Resource Hash: 639d90e83e2304ecd2182757c1334a7cddd30c940926f2097ce9fb8f6909c9fc

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Feb 2020 14:35:09 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
350 B 343ms
116ms XHR
application/json 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: / 33Across
Resource Hash: f982ed9dde0cb3c4459457f68bb6ccacab227bbb40349240146d72dd3b6f2434

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
350 B 340ms
114ms XHR
application/json 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: / 33Across
Resource Hash: 20d67897997d5d90d4dc40fc59dda0f221f2eaa2475d0c2d4b910d4c72d375e3

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/78930/0/ 0
266 B 124ms
31ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/78930/0/mvo?z=1r&hbv=3.7.0-pre,2.1
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://paletton.com
Pragma: no-cache
Date: Mon, 17 Feb 2020 14:35:11 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive

GET
H2

302

ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712

0
-1 B

205ms
113ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712

0
-1 B

205ms
113ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712

0
-1 B

204ms
113ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713

0
-1 B

204ms
113ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713

0
-1 B

200ms
108ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713

0
-1 B

204ms
113ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713

0
-1 B

218ms
127ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713

0
-1 B

205ms
114ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713

0
-1 B

215ms
124ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713

0
-1 B

203ms
113ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:11 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
738 B 123ms
35ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 14:35:13 GMT
X-Proxy-Origin: 82.102.19.132; 82.102.19.132; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.106:80
AN-X-Request-Uuid: 6f42e02a-6d04-4a61-82d2-e3f69d5f3da3
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 495 B
1 KB 130ms
42ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

66b67780851498cdfe10c8ff6a2322326d56b14b4e3ea8598b6147a07065f6f1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 14:35:13 GMT
X-Proxy-Origin: 82.102.19.132; 82.102.19.132; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.244:80
AN-X-Request-Uuid: 0f749746-93e9-4be6-8b3b-e42c8145a726
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 495
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
984 B 383ms
324ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=337263&v=7.2&r=%7B%22id%22%3A%22417984674af65c3%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22428188eb4aadaf4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337263%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224348e7dd61d65a8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337263%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2244f56070781e45e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337263%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22457c3d8b8374f0c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337263%22%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22468a0d8606a0729%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337264%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2247b078288c90bc6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337264%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22485dd576cf418aa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337264%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224936613db7982a6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337264%22%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22503baae2a03d381%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337265%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2251d086f3ba9a548%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337265%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2252bef362abbe0c2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337266%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2253e5022716ef022%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337266%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fpaletton.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5fd0a4029ecb9a197bdb46fcd35aaefe266f9b62d2bc69f2019f4d80d005aea0

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 14:35:12 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Mon, 17 Feb 2020 14:35:12 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 267 B
2 KB 369ms
277ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=209282&zone_id=1029704&size_id=2&alt_size_ids=43%2C55%2C117&rf=http%3A%2F%2Fpaletton.com%2F&tk_flint=pbjs_lite_v3.7.0-pre&x_source.tid=ce51c625-82fb-48e1-ab98-57a212862446&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6616320759381644
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 2570c8ef06dfff787078ccd450a31833e8ddbda05499e0443bb285141d8b39b5

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 14:35:11 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=159
Content-Length: 267
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 267 B
2 KB 376ms
279ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=209282&zone_id=1029706&size_id=2&alt_size_ids=43%2C55%2C117&rf=http%3A%2F%2Fpaletton.com%2F&tk_flint=pbjs_lite_v3.7.0-pre&x_source.tid=928e3839-9019-4157-a826-942a98589490&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.34588583003106876
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: d7a04ab7be45ccb5887b846970f070f05ad6f16353d3ad22c67624283a0788ca

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 14:35:11 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=393
Content-Length: 267
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
2 KB 209ms
113ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=209282&zone_id=1029708&size_id=9&alt_size_ids=8&rf=http%3A%2F%2Fpaletton.com%2F&tk_flint=pbjs_lite_v3.7.0-pre&x_source.tid=f6205fb7-268f-4ead-97de-0a0e03e906de&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8198161275145257
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 2416e68f0c97764abc941e8aa4ea584a81e9b7d5c9e41a3c769fe418770a1f80

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 14:35:11 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=223
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
2 KB 205ms
104ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=209282&zone_id=1029710&size_id=9&alt_size_ids=8&rf=http%3A%2F%2Fpaletton.com%2F&tk_flint=pbjs_lite_v3.7.0-pre&x_source.tid=489341be-fa4b-434f-92d1-d9d348ae456c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5975799642906572
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 536c4d0849b347b369efee44f46dea61412c4d074d64836a56859a91338238b2

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 14:35:11 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=286
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 496 B
1 KB 153ms
69ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c36d043cc13a6a995a9f92a107e748d3728f3fb8f21f4c4514bcfb78a9a2fdbd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 14:35:13 GMT
X-Proxy-Origin: 82.102.19.132; 82.102.19.132; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.42:80
AN-X-Request-Uuid: c7590c3e-9f84-4104-88ef-97ab7e07ea6f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 496
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
110 B 107ms
57ms XHR
text/plain 35.156.238.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=tN4Arb9GkMNhhgit8KqovNUg&bidId=650cb3cfe0d8eac&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.7.0-pre&strVersion=3.2.0&secure=false&
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.238.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-238-40.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 17 Feb 2020 14:35:11 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://paletton.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
110 B 115ms
65ms XHR
text/plain 35.156.238.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=gCdAjVCTGnETBTUUg7Eztsya&bidId=66ed436e1293634&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.7.0-pre&strVersion=3.2.0&secure=false&
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.238.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-238-40.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 17 Feb 2020 14:35:11 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://paletton.com
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 74ms
34ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 17 Feb 2020 14:35:11 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://paletton.com

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
34 B 127ms
40ms XHR
text/plain 52.49.211.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-PALET_1_970v%22%2C%22callback_id%22%3A%22791a5b5be38a26%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B320%2C50%5D%2C%5B320%2C100%5D%5D%2C%22ym_placement_id%22%3A%222353779532734866045%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-PALET_2_970v%22%2C%22callback_id%22%3A%2280e86c64380ffed%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B320%2C50%5D%2C%5B320%2C100%5D%5D%2C%22ym_placement_id%22%3A%222353779533003301504%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-PALET_2_120X654_Left%22%2C%22callback_id%22%3A%2281bd34989e07bcc%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%2C%5B120%2C240%5D%2C%5B120%2C654%5D%5D%2C%22ym_placement_id%22%3A%222353779532835529342%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-PALET_2_120X654_Right%22%2C%22callback_id%22%3A%2282eeb5ad77daf6a%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%2C%5B120%2C240%5D%2C%5B120%2C654%5D%5D%2C%22ym_placement_id%22%3A%222353779532919415423%22%7D%5D&page_url=http%3A%2F%2Fpaletton.com%2F&bust=1581950111723&pr=http%3A%2F%2Fpaletton.com%2F&scrd=1&dnt=false&e=0&description=In%20love%20with%20colors%2C%20since%202002.%20A%20designer%20tool%20for%20creating%20color%20combinations%20that%20work%20together%20well.%20Formerly%20known%20as%20Color%20Scheme%20Designer.%20Use%20the%20color%20wheel%20to%20create%20great%20color%20palettes.&title=Paletton%20-%20The%20Color%20Scheme%20Designer&w=1600&h=1200&userConsent=%7B%7D&us_privacy=undefined&pubcid=50423b1b-65a4-4b20-a501-58fb2cf06b49&
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.211.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-211-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 17 Feb 2020 14:35:11 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
437 B 329ms
35ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Feb 2020 14:35:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 56687c883aa0d915-AMS
access-control-allow-headers: origin, content-type

GET
H/1.1 200
OK loader.gif
paletton.com/img/ 7 KB
8 KB 193ms
193ms Image
image/gif 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/loader.gif
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 5f527ad94f536aea3fd9f50b3401e7e5a677f4cf4bc7fc40d3cd01d5e73e3d0a

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Last-Modified: Mon, 14 Apr 2014 02:06:29 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 7389

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 17ms
17ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paletton.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paletton.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ 252 KB
91 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2940fd5410266278b49250a1b2afdc5be955676657dc1f9f0b5c20dcf902aba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 93263
x-xss-protection: 0
server: cafe
etag: 5596272101604601780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Feb 2020 14:35:11 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/ Frame E495 0
0 14ms
10ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200212/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 13 Feb 2020 01:43:32 GMT
expires: Thu, 27 Feb 2020 01:43:32 GMT
content-type: text/html; charset=UTF-8
etag: 17772678075199185246
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4496
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 391899
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

44 KB
18 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 99
date: Mon, 17 Feb 2020 14:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Mon, 17 Feb 2020 16:33:32 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 40ms
40ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 14:35:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Nov 2019 20:13:52 GMT
Server: AmazonS3
x-amz-request-id: FBAF69B7861DE212
ETag: "f14b4e1f799b14f798a195f43cf58376"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=53940
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 948
x-amz-id-2: mINJDBnKUfP83RzDJ6hQaYSGPvMPOM770jd+gXVSD8LFScfPdVPaVzI4W2IwmrtEKhDna93Nv9A=

GET
H/1.1

200
OK

quant.js Show response
edge.quantserve.com/
Redirect Chain

http://edge.quantserve.com/quant.js
https://edge.quantserve.com/quant.js?https_upg=1

13 KB
6 KB

360ms
31ms

Script
application/x-javascript

91.228.74.179
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.quantserve.com/quant.js?https_upg=1

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.179 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17-Feb-2020 14:35:12 GMT
Server: QS
Etag: M0-56c8c653
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5651
Expires: Mon, 24 Feb 2020 14:35:12 GMT

Redirect headers

Location: https://edge.quantserve.com/quant.js?https_upg=1
Date: Mon, 17 Feb 2020 14:35:11 GMT
Cache-Control: private, no-transform, max-age=86400
Server: QS
Connection: keep-alive
Content-Length: 0
Expires: Tue, 18 Feb 2020 14:35:11 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4fcbb0414b3d9e9d/ 1 KB
674 B 209ms
208ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4fcbb0414b3d9e9d/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3451f26a836acb1af177f2cbebba4570190e41943f59fbdc5d360f3d33628286

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 14:35:12 GMT
content-encoding: gzip
etag: 1756799755--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=55, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 498

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
369 B 115ms
67ms XHR
text/javascript 143.204.90.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fpaletton.com%2F&pid=jAQiCOtSrZfXL&cb=0&ws=1600x1200&v=7.47.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%2C%22120x240%22%2C%22120x654%22%5D%2C%22sn%22%3A%22232881841%2FPALET_2_120X654_Right%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%2C%22120x240%22%2C%22120x654%22%5D%2C%22sn%22%3A%22232881841%2FPALET_2_120X654_Left%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22320x50%22%2C%22320x100%22%5D%2C%22sn%22%3A%22232881841%2FPALET_2_970v%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22320x50%22%2C%22320x100%22%5D%2C%22sn%22%3A%22232881841%2FPALET_1_970v%22%7D%5D&cfgv=0&pubid=aae5fce7-148c-42d1-b4a2-3be1a1ffbd25&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 14:35:11 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: L4Lsq99OkTCQtvZ3lmCT5fTMKF-cX4w9Z29XRb3zrWVPkx2kbOc0gQ==

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 292ms
27ms XHR
application/javascript 143.204.90.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Origin: http://paletton.com
Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 13:07:39 GMT
Content-Encoding: gzip
Vary: Origin
Age: 5254
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 08 Jan 2020 04:09:03 GMT
Server: AmazonS3
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 0vuInIxDxFVvZWznJGsbc9v84plzdTkXGsAk8Hthm-PPLp_lkX8R2Q==

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 555F 0
0 134ms
134ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3730271461974795&output=html&h=15&slotname=3692792068&adk=945085698&adf=2671766170&w=728&lmt=1573463324&psa=0&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fpaletton.com%2F&flash=0&wgl=1&adsid=NT&dt=1581950111752&bpp=17&bdt=848&fdt=153&idt=153&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6588269858399&frm=20&pv=2&ga_vid=1591886775.1581950112&ga_sid=1581950112&ga_hid=127874135&ga_fc=0&iag=0&icsg=34376512160&dssz=33&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=391&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=1006780386306090&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=cJmvyOvMgG&p=http%3A//paletton.com&dtd=168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3730271461974795&output=html&h=15&slotname=3692792068&adk=945085698&adf=2671766170&w=728&lmt=1573463324&psa=0&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fpaletton.com%2F&flash=0&wgl=1&adsid=NT&dt=1581950111752&bpp=17&bdt=848&fdt=153&idt=153&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6588269858399&frm=20&pv=2&ga_vid=1591886775.1581950112&ga_sid=1581950112&ga_hid=127874135&ga_fc=0&iag=0&icsg=34376512160&dssz=33&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=391&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=1006780386306090&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=cJmvyOvMgG&p=http%3A//paletton.com&dtd=168
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 17 Feb 2020 14:35:12 GMT
server: cafe
content-length: 5563
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-Feb-2020 14:50:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Mon, 17 Feb 2020 14:35:12 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 14:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Mon, 17 Feb 2020 14:35:11 GMT

GET
H2

302

ADTECH;apid=1Ab44a1b16-5192-11ea-b950-12724de64e5e;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;apid=1Ab44a1b16-5192-11ea-b950-12724de64e5e;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=15...

0
-1 B

111ms
111ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;apid=1Ab44a1b16-5192-11ea-b950-12724de64e5e;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;apid=1Ab44a1b16-5192-11ea-b950-12724de64e5e;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;apid=1Ab44a1b16-5192-11ea-b950-12724de64e5e;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1Ab449e9ac-5192-11ea-b235-126de4777bf4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;apid=1Ab449e9ac-5192-11ea-b235-126de4777bf4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=15...

0
-1 B

110ms
110ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;apid=1Ab449e9ac-5192-11ea-b235-126de4777bf4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;apid=1Ab449e9ac-5192-11ea-b235-126de4777bf4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;apid=1Ab449e9ac-5192-11ea-b235-126de4777bf4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1Ab44a5c34-5192-11ea-a94b-12ae2f50edf6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;apid=1Ab44a5c34-5192-11ea-a94b-12ae2f50edf6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=15...

0
-1 B

113ms
112ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;apid=1Ab44a5c34-5192-11ea-a94b-12ae2f50edf6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;apid=1Ab44a5c34-5192-11ea-a94b-12ae2f50edf6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;apid=1Ab44a5c34-5192-11ea-a94b-12ae2f50edf6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1Ab44a401e-5192-11ea-bb6c-1283af18fee8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;apid=1Ab44a401e-5192-11ea-bb6c-1283af18fee8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=15...

0
-1 B

111ms
111ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;apid=1Ab44a401e-5192-11ea-bb6c-1283af18fee8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;apid=1Ab44a401e-5192-11ea-bb6c-1283af18fee8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;apid=1Ab44a401e-5192-11ea-bb6c-1283af18fee8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1Ab449d908-5192-11ea-b728-1200a56dfbc2;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;apid=1Ab449d908-5192-11ea-b728-1200a56dfbc2;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=15...

0
-1 B

108ms
108ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;apid=1Ab449d908-5192-11ea-b728-1200a56dfbc2;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;apid=1Ab449d908-5192-11ea-b728-1200a56dfbc2;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;apid=1Ab449d908-5192-11ea-b728-1200a56dfbc2;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1Ab449ad70-5192-11ea-9d3c-120d915f11b6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;apid=1Ab449ad70-5192-11ea-9d3c-120d915f11b6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=15...

0
-1 B

106ms
106ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;apid=1Ab449ad70-5192-11ea-9d3c-120d915f11b6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;apid=1Ab449ad70-5192-11ea-9d3c-120d915f11b6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;apid=1Ab449ad70-5192-11ea-9d3c-120d915f11b6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1Ab4712062-5192-11ea-8e99-12bf277b9278;cfp=1;rndc=1581950112;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;apid=1Ab4712062-5192-11ea-8e99-12bf277b9278;cfp=1;rndc=1581950112;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=15...

0
-1 B

365ms
365ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;apid=1Ab4712062-5192-11ea-8e99-12bf277b9278;cfp=1;rndc=1581950112;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;apid=1Ab4712062-5192-11ea-8e99-12bf277b9278;cfp=1;rndc=1581950112;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;apid=1Ab4712062-5192-11ea-8e99-12bf277b9278;cfp=1;rndc=1581950112;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1Ab449dc28-5192-11ea-be94-12795fd23bd8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;apid=1Ab449dc28-5192-11ea-be94-12795fd23bd8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=15...

0
-1 B

107ms
107ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;apid=1Ab449dc28-5192-11ea-be94-12795fd23bd8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;apid=1Ab449dc28-5192-11ea-be94-12795fd23bd8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;apid=1Ab449dc28-5192-11ea-be94-12795fd23bd8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1Ab44a2156-5192-11ea-99ad-122675b00be4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;apid=1Ab44a2156-5192-11ea-99ad-122675b00be4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=15...

0
-1 B

106ms
106ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;apid=1Ab44a2156-5192-11ea-99ad-122675b00be4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;apid=1Ab44a2156-5192-11ea-99ad-122675b00be4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;apid=1Ab44a2156-5192-11ea-99ad-122675b00be4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1Ab44a59aa-5192-11ea-89f4-121ea8d7377c;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;apid=1Ab44a59aa-5192-11ea-89f4-121ea8d7377c;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=15...

0
-1 B

108ms
107ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;apid=1Ab44a59aa-5192-11ea-89f4-121ea8d7377c;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;apid=1Ab44a59aa-5192-11ea-89f4-121ea8d7377c;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;apid=1Ab44a59aa-5192-11ea-89f4-121ea8d7377c;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2046 0
0 52ms
52ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3730271461974795&output=html&adk=1812271804&adf=3025194257&lmt=1573463324&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpaletton.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1581950111830&bpp=6&bdt=926&fdt=139&idt=139&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=3692792068&nras=1&correlator=6588269858399&frm=20&pv=1&ga_vid=1591886775.1581950112&ga_sid=1581950112&ga_hid=127874135&ga_fc=0&iag=0&icsg=35218748600992&dssz=34&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=1006780386306090&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&dtd=144

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3730271461974795&output=html&adk=1812271804&adf=3025194257&lmt=1573463324&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpaletton.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1581950111830&bpp=6&bdt=926&fdt=139&idt=139&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=3692792068&nras=1&correlator=6588269858399&frm=20&pv=1&ga_vid=1591886775.1581950112&ga_sid=1581950112&ga_hid=127874135&ga_fc=0&iag=0&icsg=35218748600992&dssz=34&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=1006780386306090&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&dtd=144
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 17 Feb 2020 14:35:12 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-Feb-2020 14:50:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Mon, 17 Feb 2020 14:35:12 GMT
cache-control: private

GET
H2

200

/ Show response
ajaxhttpheaders2.appspot.com/
Redirect Chain

http://ajaxhttpheaders.appspot.com/?callback=jQuery210012371402609862314_1581950111426&_=1581950111427
https://ajaxhttpheaders2.appspot.com/?callback=jQuery210012371402609862314_1581950111426

658 B
764 B

260ms
127ms

Script
application/javascript

2a00:1450:4001:81f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ajaxhttpheaders2.appspot.com/?callback=jQuery210012371402609862314_1581950111426
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 24cc20eb5e732bccb2b298c085756d3a083a9c56d4fa05b26af0f3902b915bf4

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 14:35:12 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
x-cloud-trace-context: 9a67a0624b8945f4fcd4d7818beef744
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 449

Redirect headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Content-Encoding: gzip
Server: Google Frontend
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Location: https://ajaxhttpheaders2.appspot.com?callback=jQuery210012371402609862314_1581950111426
X-Cloud-Trace-Context: 95cf2dc33913a29e5def64507146c209
Cache-Control: private
Content-Length: 125

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 30ms
29ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Mon, 17 Feb 2020 14:35:12 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

GET
H2 200 ADTECH;apid=1Ab449ad70-5192-11ea-9d3c-120d915f11b6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ 606 B
737 B 171ms
170ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082493/0/0/ADTECH;apid=1Ab449ad70-5192-11ea-9d3c-120d915f11b6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=89d400c3cee5a2f;misc=1581950111712
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 9cc027948842b7ec5f1bcc45a5cfd795efe293b8c238aff5208a5b80d2efa906

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Ab449d908-5192-11ea-b728-1200a56dfbc2;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ 605 B
736 B 400ms
398ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082628/0/0/ADTECH;apid=1Ab449d908-5192-11ea-b728-1200a56dfbc2;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=931c0b44626ee62;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: b54c1b5e6d890a225aecec44900fc681584b1d857ea55875aa964cfc6fca42f3

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 605
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Ab449dc28-5192-11ea-be94-12795fd23bd8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ 604 B
735 B 140ms
138ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082491/0/0/ADTECH;apid=1Ab449dc28-5192-11ea-be94-12795fd23bd8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=957e7c066ef5688;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 020d7c2c7814d3cef2f88c6d47d2e5d7d9567e68d81793b3b934795cc176adb4

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 604
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Ab449e9ac-5192-11ea-b235-126de4777bf4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ 606 B
737 B 149ms
148ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;apid=1Ab449e9ac-5192-11ea-b235-126de4777bf4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=88fc342031cd19c;misc=1581950111712
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 2decbd876939b0b940cb5d7636ebc31931d7f40dc38954d1f2e12c1554a39942

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Ab44a1b16-5192-11ea-b950-12724de64e5e;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ 606 B
737 B 143ms
142ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082489/0/0/ADTECH;apid=1Ab44a1b16-5192-11ea-b950-12724de64e5e;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=922607fc2e1f7e8;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 78f8576adbc1a45958e8e81f28d5d1b87baf961e9fe6d1f3fdae9902a0ea7f40

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Ab44a2156-5192-11ea-99ad-122675b00be4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ 606 B
761 B 136ms
136ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082490/0/0/ADTECH;apid=1Ab44a2156-5192-11ea-99ad-122675b00be4;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=96dc8b07eff58df;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: da6f3590ab76e27ef219fb9914de30b50b8e21da18fa00a07aac35762f107929

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Ab44a401e-5192-11ea-bb6c-1283af18fee8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ 606 B
737 B 137ms
137ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082627/0/0/ADTECH;apid=1Ab44a401e-5192-11ea-bb6c-1283af18fee8;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=903a3386240ee3e;misc=1581950111712
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 482485ca0a18e184c8aad916ff16d779e7e901cdbb89621b0a578a9e9e26fa6a

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Ab44a59aa-5192-11ea-89f4-121ea8d7377c;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ 605 B
736 B 136ms
136ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082494/0/0/ADTECH;apid=1Ab44a59aa-5192-11ea-89f4-121ea8d7377c;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=94550dd2de02ef2;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 6b38924eaf240be5dc69da86f6241f948331fa8e8fd373b5a08a7feccf27c2de

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 605
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Ab44a5c34-5192-11ea-a94b-12ae2f50edf6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ 606 B
737 B 139ms
139ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;apid=1Ab44a5c34-5192-11ea-a94b-12ae2f50edf6;cfp=1;rndc=1581950111;v=2;cmd=bid;cors=yes;alias=910b3bddca11de6;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: dc61e9970853f2757ef73d02ad4b8eea174a3e1f28b4a5ee77103b0114c3525c

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

rules-p-2BE0Kd0wKmfYD.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-2BE0Kd0wKmfYD.js
https://rules.quantcount.com/rules-p-2BE0Kd0wKmfYD.js

3 B
356 B

30ms
7ms

Script
application/x-javascript

2600:9000:2156:b200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-2BE0Kd0wKmfYD.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:b200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sun, 16 Feb 2020 19:50:58 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 19:47:59 GMT
server: AmazonS3
age: 67455
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: 2Y1-5X0H2BXHs2aJpPoP9yshaNvdGo9_f0XDUFJ_Pi1TzK4tvym1hA==

Redirect headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-2BE0Kd0wKmfYD.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: 168xjdJzxbLNOAZyUkEA9myW0qnZ-FR3knl0utUuMAWyjALrLWmyCA==

GET
H2 200 ADTECH;apid=1Ab4712062-5192-11ea-8e99-12bf277b9278;cfp=1;rndc=1581950112;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ 606 B
737 B 157ms
156ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082488/0/0/ADTECH;apid=1Ab4712062-5192-11ea-8e99-12bf277b9278;cfp=1;rndc=1581950112;v=2;cmd=bid;cors=yes;alias=9755fa31ee1ac24;misc=1581950111713
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: efab5780ccb906d347ca4db2d1422ede57f92fa867eb3530a1e7cce897f65c06

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:12 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1

200
OK

pixel
pixel.quantserve.com/
Redirect Chain

http://pixel.quantserve.com/pixel;r=545498096;rf=0;a=p-2BE0Kd0wKmfYD;url=http%3A%2F%2Fpaletton.com%2F;fpan=1;fpa=P0-1465918661-1581950112334;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;...
https://pixel.quantserve.com/pixel?https_upg=1&r=545498096;rf=0;a=p-2BE0Kd0wKmfYD;url=http%3A%2F%2Fpaletton.com%2F;fpan=1;fpa=P0-1465918661-1581950112334;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;c...

35 B
658 B

126ms
36ms

Image
image/gif

91.228.74.148
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel?https_upg=1&r=545498096;rf=0;a=p-2BE0Kd0wKmfYD;url=http%3A%2F%2Fpaletton.com%2F;fpan=1;fpa=P0-1465918661-1581950112334;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1581950112334;tzo=-60;ogl=

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.148 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 14:35:12 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location: https://pixel.quantserve.com/pixel?https_upg=1&r=545498096;rf=0;a=p-2BE0Kd0wKmfYD;url=http%3A%2F%2Fpaletton.com%2F;fpan=1;fpa=P0-1465918661-1581950112334;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1581950112334;tzo=-60;ogl=
Date: Mon, 17 Feb 2020 14:35:12 GMT
Cache-Control: private, no-transform, max-age=86400
Server: QS
Connection: keep-alive
Content-Length: 0
Expires: Tue, 18 Feb 2020 14:35:12 GMT

GET
H/1.1 200
OK default.html Show response
paletton.com/preview/ Frame 007F 3 KB
1 KB 340ms
189ms Document
text/html 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/preview/default.html
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: ce339d9a4b54d3059f621cfe4e76235aa61312b6e28895a02b409ce2493b7f03

Request headers

Host: paletton.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://paletton.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: OptanonConsent=landingPath=http%3A%2F%2Fpaletton.com%2F&datestamp=Mon+Feb+17+2020+15%3A35%3A11+GMT%2B0100+(Central+European+Standard+Time)&version=4.9.0&EU=true; _aaw_sesdepth=1; _pubcid=50423b1b-65a4-4b20-a501-58fb2cf06b49; __atuvc=1%7C8; __atuvs=5e4aa49fe7332425000; _ga=GA1.2.1591886775.1581950112; _gid=GA1.2.1865696587.1581950112; testcookie=1; Paletton=%7B%22LNG%22%3A%22en%22%2C%22PRV%22%3A%22def%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer: http://paletton.com/

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Server: Apache
Last-Modified: Thu, 31 Jul 2014 12:29:29 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 776
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK bg-pane.png
paletton.com/img/ 351 B
646 B 189ms
189ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/bg-pane.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 03a81e8d1eb1ade2a13d541d80ef1919d56b30e7839773c26f6ab84928ba06be

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Last-Modified: Wed, 16 Apr 2014 13:20:46 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 351

GET
H/1.1 200
OK ui-bg_flat_0_282828_40x100.png
paletton.com/css/jqui/images/ 230 B
525 B 204ms
203ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/css/jqui/images/ui-bg_flat_0_282828_40x100.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 2a11c3cacfbded7041489b3c0e3656c809c54ea434ba85f0b5b1c3a814238632

Request headers

Referer: http://paletton.com/css/jqui/jquery-ui-1.10.4.custom.css
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Last-Modified: Mon, 14 Apr 2014 02:05:56 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 230

GET
H/1.1 200
OK ui-bg_glass_0_303030_1x400.png
paletton.com/css/jqui/images/ 207 B
502 B 192ms
191ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/css/jqui/images/ui-bg_glass_0_303030_1x400.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 39067599e3398209915689830a0ae6562c493905b2ba52e4e4f51e62d7f69f13

Request headers

Referer: http://paletton.com/css/jqui/jquery-ui-1.10.4.custom.css
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Last-Modified: Mon, 14 Apr 2014 02:05:59 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 207

GET
H/1.1 200
OK wheel_1.png
paletton.com/img/ 19 KB
20 KB 198ms
197ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/wheel_1.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: f0450e0d9069c0dc6ca8ae95f039f5e804fd7677abb488539a501c75a2937452

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Last-Modified: Mon, 14 Apr 2014 02:06:43 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 19680

GET
H/1.1 200
OK wheel_2.png
paletton.com/img/ 18 KB
18 KB 197ms
197ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/wheel_2.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 6679c20efcce098f1228e4cedf3021692f0b284115b040dda592bd0173ff8739

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Last-Modified: Mon, 14 Apr 2014 02:06:45 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 18313

GET
H/1.1 200
OK wheel_3.png
paletton.com/img/ 20 KB
20 KB 187ms
186ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/wheel_3.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 3e83640841db25203191361f884ae3396f0ca41611d61c83e7b7f8ecbbff59ba

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Last-Modified: Mon, 14 Apr 2014 02:06:49 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 20045

GET
H/1.1 200
OK wheel_4.png
paletton.com/img/ 18 KB
18 KB 374ms
184ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/wheel_4.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: cadb948cbbfeee8fce2ae36727c6fabc3fdd55ff4fc10998553a1b8e2e72a963

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Last-Modified: Mon, 14 Apr 2014 02:06:52 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 18489

GET
H/1.1 200
OK wheel-over.png
paletton.com/img/ 7 KB
7 KB 379ms
191ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/wheel-over.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: c5dc61f3b52dd55dd71e5e57efbf5e2d9273654abc821aa419043f054d9e6b66

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Last-Modified: Fri, 22 Aug 2014 11:12:28 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 7324

GET
H/1.1 200
OK eye.png
paletton.com/img/ 373 B
668 B 197ms
191ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/eye.png
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: b591532ea43780c27ee2f59079c4ad5f0389197b204c6ce269c8591db9681cdd

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Last-Modified: Mon, 14 Apr 2014 02:06:28 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 373

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j81&a=127874135&t=pageview&_s=1&dl=http%3A%2F%2Fpaletton.com%2F&dp=%2Fview%2Fdefault&ul=en-us&de=UTF-8&dt=App%20(default)&sd=24-bit&sr=1600x1200&vp=16...
https://www.google-analytics.com/collect?v=1&_v=j81&a=127874135&t=pageview&_s=1&dl=http%3A%2F%2Fpaletton.com%2F&dp=%2Fview%2Fdefault&ul=en-us&de=UTF-8&dt=App%20(default)&sd=24-bit&sr=1600x1200&vp=1...

35 B
109 B

6ms
6ms

Image
image/gif

2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=127874135&t=pageview&_s=1&dl=http%3A%2F%2Fpaletton.com%2F&dp=%2Fview%2Fdefault&ul=en-us&de=UTF-8&dt=App%20(default)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KChAgAAB~&jid=195036291&gjid=896594991&cid=1591886775.1581950112&tid=UA-51179325-1&_gid=1865696587.1581950112&cd1=en&cd2=mono&cd3=&z=480399899

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 17:03:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1114326
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j81&a=127874135&t=pageview&_s=1&dl=http%3A%2F%2Fpaletton.com%2F&dp=%2Fview%2Fdefault&ul=en-us&de=UTF-8&dt=App%20(default)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KChAgAAB~&jid=195036291&gjid=896594991&cid=1591886775.1581950112&tid=UA-51179325-1&_gid=1865696587.1581950112&cd1=en&cd2=mono&cd3=&z=480399899
Non-Authoritative-Reason: HSTS

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 15ms
15ms Image
image/gif 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-51179325-1&cid=1591886775.1581950112&jid=195036291&gjid=896594991&_gid=1865696587.1581950112&_u=KChAgAAB~&z=225749351

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 17 Feb 2020 14:35:12 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
15 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da5938edc872a3bb592689c64b4e09e5dad48fe5f280fc714636a0c405bcc0a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "430 / 751 of 1000 / last-modified: 1581701607"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 14535
X-XSS-Protection: 0
Expires: Mon, 17 Feb 2020 14:35:12 GMT

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ 167 KB
61 KB 105ms
56ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 14:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Mon, 17 Feb 2020 14:35:12 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 104 KB
17 KB 427ms
427ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1006780386306090&correlator=3064196616814241&output=ldjh&impl=fifs&adsid=NT&eid=21065305&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200217&iu_parts=232881841%2CPALET_1_970v%2CPALET_2_970v%2CPALET_2_120X654_Left%2CPALET_2_120X654_Right&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=320x50%7C728x90%7C970x90%7C320x50%7C320x100%2C320x50%7C728x90%7C970x90%7C320x50%7C320x100%2C320x50%7C160x600%7C120x240%7C120x654%2C320x50%7C160x600%7C120x240%7C120x654&fluid=height%2Cheight%2Cheight%2Cheight&prev_scp=nogoogle%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cnogoogle%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cnogoogle%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cnogoogle%3Dfalse%26amznbid%3D2%26amznp%3D2&cust_params=referrer%3D_none%26refreshIteration%3D0%26refresh_count%3D0%26sesDepth%3D1%26roxot-group-id%3D10001%26roxot-sector-id%3D101%26roxot-deep%3D101%26roxot-event-group-id%3D35%26roxot-event%3D38%26roxot-event-deep%3D41%26roxot-minutes%3D35%26roxot-hours%3D14%26roxot-day%3D1%26adxTest%3DId&cookie_enabled=1&bc=23&abxe=1&lmt=1573463324&dt=1581950112700&dlt=1581950110904&idt=1777&frm=20&biw=1600&bih=1200&oid=3&adxs=110%2C325%2C1295%2C145&adys=10%2C825%2C125%2C125&adks=2191718088%2C127599192%2C2713070885%2C798936416&ucis=1%7C2%7C3%7C4&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&dssz=37&icsg=563499977615520&std=0&vis=1&scr_x=0&scr_y=0&psz=1490x25%7C950x25%7C160x600%7C160x600&msz=1490x90%7C950x90%7C160x600%7C160x600&ga_vid=1591886775.1581950112&ga_sid=1581950112&ga_hid=127874135&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

0b8d30406abfe35cba0695b2af0dfbeb1521ec0d937bea77d9007de022339086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 14:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16426
x-xss-protection: 0
google-lineitem-id: -1,-1,4877791424,4923115386
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138259530998,138265217286
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://paletton.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
24 KB 56ms
56ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 14:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Mon, 17 Feb 2020 14:35:12 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H/1.1 200
OK jquery-ui-1.10.4.custom.css
paletton.com/css/jqui/ Frame 007F 31 KB
8 KB 201ms
199ms Stylesheet
text/css 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/css/jqui/jquery-ui-1.10.4.custom.css
Requested by: Host: paletton.com
URL: http://paletton.com/preview/default.html
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 9275fc6aca0d205550d5dac655167f97ab867ac8d9daf3d809168a0cb1367e95

Request headers

Referer: http://paletton.com/preview/default.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Apr 2014 02:06:09 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 7455

GET
H/1.1 200
OK common.css
paletton.com/preview/ Frame 007F 183 B
476 B 194ms
193ms Stylesheet
text/css 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/preview/common.css
Requested by: Host: paletton.com
URL: http://paletton.com/preview/default.html
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 0044309d787293331cf7c18367115d0126a51f6a4107ea8479fcef7c4c091f58

Request headers

Referer: http://paletton.com/preview/default.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Jul 2014 12:29:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 135

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ Frame 007F 82 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js

Requested by

Host: paletton.com
URL: http://paletton.com/preview/default.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/preview/default.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Fri, 31 Jan 2020 00:30:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 1519506
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29478
X-XSS-Protection: 0
Expires: Sat, 30 Jan 2021 00:30:06 GMT

GET
H/1.1 200
OK jquery-ui-1.10.4.custom.min.js Show response
paletton.com/js/lib/ Frame 007F 223 KB
80 KB 214ms
201ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/js/lib/jquery-ui-1.10.4.custom.min.js
Requested by: Host: paletton.com
URL: http://paletton.com/preview/default.html
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 9a21963af0fc87d11e1deac7b030915e75fddf4378d2fa2eb55b8d6f6f453b44

Request headers

Referer: http://paletton.com/preview/default.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Apr 2014 02:08:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600, public, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72

GET
H/1.1 200
OK init.js Show response
paletton.com/preview/ Frame 007F 692 B
736 B 212ms
195ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/preview/init.js
Requested by: Host: paletton.com
URL: http://paletton.com/preview/default.html
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: ee821f0f1edcccad109280a2ae9279957f8373d81b612421c3a263f280de5444

Request headers

Referer: http://paletton.com/preview/default.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Jul 2014 12:29:30 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 381

GET
H/1.1 200
OK / Show response
graph.facebook.com/ 223 B
883 B 54ms
47ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: http://graph.facebook.com/?id=http%3A%2F%2Fpaletton.com%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_d32r0
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Server: 2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 62b16e452b8d01877512f973bdb2fbd045d7abe157e5dfcdc788af12b841c508

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:12 GMT
Content-Encoding: gzip
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
x-fb-rev: 1001721132
Connection: keep-alive
Alt-Svc: h3-24=":443"; ma=3600
Content-Length: 169
Pragma: no-cache
X-FB-Debug: YrYAJpjatZFnNtQ8+I1ZdMzC/HpLKxF2+8q6dWJM1ST2s9HgJowhvD5GlX6wiSlhEMEduTZ68tyXXYirchTDMA==
x-fb-trace-id: C83gv2g6uM2
ETag: "5c57718ebc3856ba24872b7f044d7ce941d2c1fa"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
x-fb-request-id: AEl0tL_cC4QarfKH8Yg9m7s
Cache-Control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

shares.json Show response
api-public-oci-origin.addthis.com/url/
Redirect Chain

http://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fpaletton.com%2F&callback=_ate.cbs.rcb_2as90
https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fpaletton.com%2F&callback=_ate.cbs.rcb_2as90

36 B
288 B

2576ms
2269ms

Script
application/json

129.146.196.240
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fpaletton.com%2F&callback=_ate.cbs.rcb_2as90

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.146.196.240 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

043d10838d5d7f914382d256d4f58b44ff2bc3f5103c61bcc93f3dfe52f6a699

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 14:35:15 GMT
surrogate-key: paletton.com/
last-modified: Mon, 17 Feb 2020 14:35:15 GMT
server: nginx/1.15.8
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 36

Redirect headers

Location: https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fpaletton.com%2F&callback=_ate.cbs.rcb_2as90
Date: Mon, 17 Feb 2020 14:35:13 GMT
Server: nginx/1.15.8
Connection: keep-alive
Content-Length: 171
Content-Type: text/html

GET
H/1.1 200
OK / Show response
graph.facebook.com/ 222 B
881 B 103ms
97ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: http://graph.facebook.com/?id=https%3A%2F%2Fpaletton.com%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_2er00
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Server: 2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 411b3b6cd8d439beb0ff23e362f6e88f7bb2b64ee65f8b67a0dc5c901c2c8049

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:13 GMT
Content-Encoding: gzip
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
x-fb-rev: 1001721132
Connection: keep-alive
Alt-Svc: h3-24=":443"; ma=3600
Content-Length: 167
Pragma: no-cache
X-FB-Debug: MkyRimW6vw8y/79HKO0TS7Ihcb4Uu8IjJJVCFpr50kSMFu7caZiJt1SFiwE7bfhtgWuRJrqwO2S2Nvsp+dhJQA==
x-fb-trace-id: EGB8DFmOMae
ETag: "456453e0c08caa7f048f339cf7c6ab82c3fbcbd9"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
x-fb-request-id: A3zxVBtQJr-hfcUOJCFpGs9
Cache-Control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

shares.json Show response
api-public-oci-origin.addthis.com/url/
Redirect Chain

http://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fpaletton.com%2F&callback=_ate.cbs.rcb_hl2f0
https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fpaletton.com%2F&callback=_ate.cbs.rcb_hl2f0

36 B
289 B

341ms
155ms

Script
application/json

129.146.196.240
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fpaletton.com%2F&callback=_ate.cbs.rcb_hl2f0

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.146.196.240 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

38f2f25c4ec09153bf1ab04988d530b051503dd6d9abdc09fbe49c5ee071278c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 14:35:13 GMT
surrogate-key: paletton.com/
last-modified: Mon, 17 Feb 2020 14:35:13 GMT
server: nginx/1.15.8
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 36

Redirect headers

Location: https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fpaletton.com%2F&callback=_ate.cbs.rcb_hl2f0
Date: Mon, 17 Feb 2020 14:35:13 GMT
Server: nginx/1.15.8
Connection: keep-alive
Content-Length: 171
Content-Type: text/html

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/032002112037430/ 20 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032002112037430/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3186a55bc67271424c17f202a5797f96d54a851d12249ff7ec152854e4017eb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 14541
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7145
x-xss-protection: 0
server: sffe
date: Mon, 17 Feb 2020 10:32:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "161ad10f491d4c28"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Feb 2021 10:32:52 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032002112037430/ Frame 5A26 201 KB
55 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032002112037430/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92779ff589443c701d72a2f35d9c22cc7890a12e0d9898e5d8bd9c995e7cf67b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 280890
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55784
x-xss-protection: 0
server: sffe
date: Fri, 14 Feb 2020 08:33:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2dbded748a3109c2"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Feb 2021 08:33:43 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/032002112037430/v0/ Frame 5A26 15 KB
6 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032002112037430/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ec28887939746f16ae8e7ce9541ee66dd7d76f80350a09ee4677ac6ba41a64b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 280827
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5592
x-xss-protection: 0
server: sffe
date: Fri, 14 Feb 2020 08:34:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "819606326e90ab5d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Feb 2021 08:34:46 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032002112037430/v0/ Frame 5A26 91 KB
27 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032002112037430/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dec9dba8e7c23f46e9b3bca2287a7d6e2d59ad57cc9e8389b7fc00f268b71ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 280885
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27980
x-xss-protection: 0
server: sffe
date: Fri, 14 Feb 2020 08:33:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1fae760e2b8d4fc0"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Feb 2021 08:33:48 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/032002112037430/v0/ Frame 5A26 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032002112037430/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe26c5e572ef1a563fb95169f7640146a21368e5c1873331e387159fc35477e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 280894
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1399
x-xss-protection: 0
server: sffe
date: Fri, 14 Feb 2020 08:33:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b97660e69041e328"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Feb 2021 08:33:39 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/032002112037430/v0/ Frame 5A26 46 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032002112037430/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c470d799d052d3867006566c0a177e3f8290bc64781f45f1d6efd89b16128f56

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 280878
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14831
x-xss-protection: 0
server: sffe
date: Fri, 14 Feb 2020 08:33:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cfc894590e2c4834"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Feb 2021 08:33:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5A26 5 KB
770 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b8a2f5f87bf888d48311aba7d4010ea01bef84f9e0b51d003e016391ddfed29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Feb 2020 14:35:13 GMT
server: ESF
date: Mon, 17 Feb 2020 14:35:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Feb 2020 14:35:13 GMT

GET
H2 200 4959313858934574607
tpc.googlesyndication.com/simgad/ Frame 5A26 6 KB
6 KB 11ms
11ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4959313858934574607?w=300&h=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da9ed7b3df7e03261300d4d82ecc90b0eb4420ec3fc5b046a76ca8daa596dbe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 04 Feb 2020 17:40:34 GMT
x-content-type-options: nosniff
age: 1112079
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5680
x-xss-protection: 0
last-modified: Mon, 26 Mar 2018 10:47:30 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 17:40:34 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5A26 2 KB
3 KB 10ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 16 Feb 2020 23:33:44 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 54089
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 17 Feb 2020 23:33:44 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5A26 295 B
425 B 10ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 16 Feb 2020 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 60112
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 17 Feb 2020 21:53:21 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5A26 0
0 40ms
38ms Image
text/html 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbCnNoKRKXvnNL8mcgAfisL_gDNPmsptbm7KxoOMIv-EeEAEghveGJmC56L6A1AGgAfbZwqIDyAEB4AIAqAMBqgTaAU_QKyunGYkJjayQACyn55I7fXxzoAylBOk3dchVMUbYwr9lziGwzohTOg-Bcn8ySkgE6lRzK7QjHJBuCEGStnc3VQTHB_EVyk6N5YDM5AG_tNTZDnIv0LHY8zcLnTTM99ZbWBis_EB2f0PhdzywTml7MC7QyIowLspe5Q2mnnUMKXddCeT65P1AjlkCi5miIEHEDclaZVlebTdQDKG4XyiBVGH3zOkORNQDQz0hKnmM0Ck4f5h5wIwmpbQHwYH-4qkSHcSCz_1P54u7nZ0SEJA-JdCWRJPSOATswATEnKqHlwLgBAGSBQQIBBgBkgUECAUYBIAH8qW9XagHjs4bqAfVyRuoB5PYG6gHugaoB_LZG6gHpr4bqAfs1RvYBwHyBwQQousx0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00NjE3NjIwNTIyMDE2MjgxgAoDyAsB2BMCiBQB&sigh=5xK0rZhd8rw&template_id=5001&tpd=AGWhJmvUIV4G3jiQmkL4GWV9vXJZtfMJW33f0C_QWy54lnWlWA
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s29-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032002112037430/ Frame D3C7 201 KB
55 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032002112037430/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92779ff589443c701d72a2f35d9c22cc7890a12e0d9898e5d8bd9c995e7cf67b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 280890
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55784
x-xss-protection: 0
server: sffe
date: Fri, 14 Feb 2020 08:33:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2dbded748a3109c2"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Feb 2021 08:33:43 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/032002112037430/v0/ Frame D3C7 15 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032002112037430/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ec28887939746f16ae8e7ce9541ee66dd7d76f80350a09ee4677ac6ba41a64b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 280827
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5592
x-xss-protection: 0
server: sffe
date: Fri, 14 Feb 2020 08:34:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "819606326e90ab5d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Feb 2021 08:34:46 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032002112037430/v0/ Frame D3C7 91 KB
27 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032002112037430/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dec9dba8e7c23f46e9b3bca2287a7d6e2d59ad57cc9e8389b7fc00f268b71ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 280885
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27980
x-xss-protection: 0
server: sffe
date: Fri, 14 Feb 2020 08:33:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1fae760e2b8d4fc0"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Feb 2021 08:33:48 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/032002112037430/v0/ Frame D3C7 3 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032002112037430/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe26c5e572ef1a563fb95169f7640146a21368e5c1873331e387159fc35477e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 280894
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1399
x-xss-protection: 0
server: sffe
date: Fri, 14 Feb 2020 08:33:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b97660e69041e328"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Feb 2021 08:33:39 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/032002112037430/v0/ Frame D3C7 46 KB
15 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032002112037430/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c470d799d052d3867006566c0a177e3f8290bc64781f45f1d6efd89b16128f56

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 280878
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14831
x-xss-protection: 0
server: sffe
date: Fri, 14 Feb 2020 08:33:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cfc894590e2c4834"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Feb 2021 08:33:55 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D3C7 2 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 16 Feb 2020 23:33:44 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 54089
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 17 Feb 2020 23:33:44 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D3C7 295 B
362 B 10ms
10ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 16 Feb 2020 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 60112
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 17 Feb 2020 21:53:21 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032002112037430/ Frame 1659 201 KB
55 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032002112037430/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92779ff589443c701d72a2f35d9c22cc7890a12e0d9898e5d8bd9c995e7cf67b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 280890
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55784
x-xss-protection: 0
server: sffe
date: Fri, 14 Feb 2020 08:33:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2dbded748a3109c2"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Feb 2021 08:33:43 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032002112037430/v0/ Frame 1659 91 KB
27 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032002112037430/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dec9dba8e7c23f46e9b3bca2287a7d6e2d59ad57cc9e8389b7fc00f268b71ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 280885
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27980
x-xss-protection: 0
server: sffe
date: Fri, 14 Feb 2020 08:33:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1fae760e2b8d4fc0"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Feb 2021 08:33:48 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4EC9 0
0 36ms
34ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstry_fieA7rbm8JdKp2PqFrC9Yp1BijJD8hFVU-ptU9O6p91VZVNjA_9meqv8YsVGLxeIHC0BjadOZAGQEsJpdWL_jrGq0vWjiLoL5Giqigop3mGyGK8oYO_Na5y_s8SFN34ywWI6cPm5PNPm4BNCG-ngaP4oPm_gBU5sWnX9lHv7hrkHxt59aQ8GU_IG4Xc5HCJl1WgNN37BrApeQXU4JH1MX4sHxAeGGB8FgSn4AS1T-ip6uAeZka6LoSZ5I1ke76r6JxOeJk5oTa2ug&sig=Cg0ArKJSzDCm2JzvzwjAEAE&urlfix=1&adurl=

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Mon, 17 Feb 2020 14:35:13 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK headerbid.php Show response
served-by.pixfuture.com/www/delivery/ Frame 4EC9 5 KB
6 KB 247ms
225ms Script
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/delivery/headerbid.php?dat=359x160x600x78x90274
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 68038bf31c67a07774934911ad22664116c7d408aa379f41a167e223f649d206

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 14:35:13 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4EC9 72 KB
27 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 14:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27600
x-xss-protection: 0
expires: Mon, 17 Feb 2020 14:35:13 GMT

GET
H2 200 14618461570972660739
tpc.googlesyndication.com/simgad/ Frame D3C7 64 KB
64 KB 9ms
5ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14618461570972660739?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlNDbZKflW8L4EVUu5MaLFqk-36Zg

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7896b6f179ee2ca8ec335a1f39bbd22ef4891ea0d56426a4dee36a21caffb6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 01 Feb 2020 10:31:03 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Nov 2017 06:09:56 GMT
server: sffe
age: 1397050
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 65668
x-xss-protection: 0
expires: Sun, 31 Jan 2021 10:31:03 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D3C7 0
0 36ms
32ms Image
text/html 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEzZdoKRKXpzQL8mcgAfisL_gDIbUv5BX-42H5YAHp6v0_QgQASCG94YmYLnovoDUAaAB-ZKVuQPIAQLgAgCoAwHIAwiqBNwBT9CRcnYa2CHL1bTRaUm57XyknO3dT_x8eUgj1ZLTy_KhKtGzTeKAHbOPakR2FD9t51LGI27HEsjSfRjEoWWdd1jmZbD1gDR1B-Uirszq3GbkC9fsFUAGHOBuXpQxzbeKaIQDcBNiNLZ-vMHiQ7JaHYIrEty4YytUuvxultBe2IT20KCfny1_GOWR8kdxFKVZ7Snm4k0dSvKpD5Bx3pQI_1OnntttJELIPEI6pklYJmyojyYnUwsX0vDb4k7v9KBjtHv_3FuALaOLiS7bNC0QeRLD7cDL0Tdd6nd0m8AE7-uvoMgB4AQBkgUECAQYAZIFBAgFGASgBgKAB-_s6kaoB47OG6gH1ckbqAeT2BuoB7oGqAfy2RuoB6a-G6gH7NUb2AcB8gcEEImQJNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDYxNzYyMDUyMjAxNjI4MYAKA8gLAdgTDA&sigh=Vo6JmyzzNs8&tpd=AGWhJms40aC5rrFsl9t6d6__fkuRm16ZXPp4obkVfYxR0TM0bA
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s29-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
60 B 17ms
13ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1006780386306090&r=320x50%7C160x600%7C120x240%7C120x654&w=160&h=600

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2659162601919364577
tpc.googlesyndication.com/simgad/ Frame 1659 91 KB
91 KB 9ms
5ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2659162601919364577

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35b38352f5082cc78e337213fee6fae8be605e96720891d92a7fc945a80ae8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 04 Feb 2020 19:53:05 GMT
x-content-type-options: nosniff
age: 1104128
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 93154
x-xss-protection: 0
last-modified: Sat, 09 Feb 2019 17:07:02 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 19:53:05 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1659 0
57 B 41ms
37ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPo2Zh_fx8EnejnXKrOVnuznTWsfNjykPkdc4P60e8L7lQCL3Rga7WzA3UssPvDOlRe6JN6-HQHmrOyB0hefXGuuZVNTJnT1DjKHRwBw0JusmSAhYZvQwn3A4EuicYPUSK1GaQyoUDggg69so5rGpV8y7M4t4HXAfV5UmvCsxDq8tN-zpD7NhaV7fmqT3953w2ioOGXAlGjdJfz2IhATMkXfmSAYaZnpJuWQ16CLTJNzTM3hq5X5aIND8bWY541CuN59EY3xWRmcDwuIyHp8MCw1tQ0QMMWgJaras&sig=Cg0ArKJSzIQFwp_BLIXrEAE&adurl=

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 14:35:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5A26 16 KB
16 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Origin: http://paletton.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Sat, 18 Jan 2020 01:18:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 2639785
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15872
x-xss-protection: 0
expires: Sun, 17 Jan 2021 01:18:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5A26 15 KB
15 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Origin: http://paletton.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 18:49:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 2144733
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15736
x-xss-protection: 0
expires: Fri, 22 Jan 2021 18:49:40 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5A26
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

16ms
15ms

Image
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Redirect headers

Date: Mon, 17 Feb 2020 14:35:13 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D3C7
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
15ms

Image
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Redirect headers

Date: Mon, 17 Feb 2020 14:35:13 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H2 200 14618461570972660739
tpc.googlesyndication.com/simgad/ Frame D3C7 64 KB
64 KB 6ms
5ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14618461570972660739?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlNDbZKflW8L4EVUu5MaLFqk-36Zg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032002112037430/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7896b6f179ee2ca8ec335a1f39bbd22ef4891ea0d56426a4dee36a21caffb6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 01 Feb 2020 10:31:03 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Nov 2017 06:09:56 GMT
server: sffe
age: 1397050
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 65668
x-xss-protection: 0
expires: Sun, 31 Jan 2021 10:31:03 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D3C7 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032002112037430/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 16 Feb 2020 23:33:44 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 54089
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 17 Feb 2020 23:33:44 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D3C7 295 B
363 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032002112037430/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 16 Feb 2020 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 60112
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 17 Feb 2020 21:53:21 GMT

GET
H2 200 2659162601919364577
tpc.googlesyndication.com/simgad/ Frame 1659 91 KB
91 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2659162601919364577

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032002112037430/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35b38352f5082cc78e337213fee6fae8be605e96720891d92a7fc945a80ae8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 04 Feb 2020 19:53:05 GMT
x-content-type-options: nosniff
age: 1104128
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 93154
x-xss-protection: 0
last-modified: Sat, 09 Feb 2019 17:07:02 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 19:53:05 GMT

GET
H2 200 djax.js Show response
cdn.pixfuture.com/ Frame 2BFF 17 KB
5 KB 1444ms
1419ms Script
application/javascript 2606:4700:20::681a:b9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax.js
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid.php?dat=359x160x600x78x90274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5533cd3afbd6bc28a5844b8a86fce59825bd29642a95c079b69ebace42d30c1

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 14:35:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 07 Feb 2020 19:13:08 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5e3db6c4-4452"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
status: 200
access-control-allow-credentials: true
cf-ray: 56687c917df0c2f4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 auc.js Show response
cdn.pixfuture.com/ Frame 2BFF 255 KB
77 KB 1552ms
1527ms Script
application/javascript 2606:4700:20::681a:b9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/auc.js
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid.php?dat=359x160x600x78x90274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 933cbd7706f8a1d0793d453baa9c3b155a037ddf02cd3b8fa01071b55789160f

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 14:35:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 07 Feb 2020 15:45:12 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5e3d8608-3fc5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
status: 200
access-control-allow-credentials: true
cf-ray: 56687c917df4c2f4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

200
OK

p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 2BFF
Redirect Chain

http://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif
https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

35 B
334 B

31ms
30ms

Image
image/gif

91.228.74.148
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.148 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 14:35:13 GMT
Server: QS
Strict-Transport-Security: max-age=86400
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location: https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif
Non-Authoritative-Reason: HSTS

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5A26 42 B
112 B 38ms
38ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9bOUJT8r4RvWogZNCGLA7ljbj29YViTCGCqPAREwaoTOzNozrM_zK9ImQQyAIBxeTh3WO9rBPVt7kaPzngdJyACMWCodtliL9KiYEybm97qizg9PXYFEW-kT8r5YTdz1j96YiCb3h73RBP3tTWSm6&sai=AMfl-YRFQN43hfL5FNrVhND5p8lFxbHK6MvwOl4h7MxerU3Onae4t_w-SNCBfU7EabaSbhQj4lABz1dNj9bORLLvmjbfLLlbxnnwU154GKGZi88WY9B9hmuR1ZLfBDc&sig=Cg0ArKJSzLVzSGq2GLhwEAE&cid=CAASF-RorkfE0sO9xcuI6IGbZPtf4IkMDeeK&id=ampim&o=370,10&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=155&tls=1155&g=100&h=100&tt=1155&r=v&adk=2191718088&avms=ampa

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:14 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D3C7 42 B
112 B 33ms
32ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUxeoJ9PNkO2XOU_I4Y_zwp4O981Ds7CVwyojgTxbW91szRMp1MKStR16bTI-srxr9mHNqCMrLOyhQQzyukQ2-mDFngsV0M8110UoCmBM7adZjKF5M84JZ5OOHpQ&sai=AMfl-YSY6H3vxE0lJfx30yR7frnKuu7Pt0vr7qGnkVy0qE-ZcjOkkJdezn41ci35nGZuiy4ETUyFoEDaFbst81guwaUO-W7fEHGfkCQvKuGb0FX7sVBod4U91cXwkdc&sig=Cg0ArKJSzJ-NOs1S6oqIEAE&cid=CAASF-Ro2b-n1BC2CW0BumJzRdZCpynh5qMR&id=ampim&o=325,825&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=133&tls=1133&g=100&h=100&tt=1133&r=v&adk=127599192&avms=ampa

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:14 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1659 42 B
112 B 15ms
14ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvPVjAcN1D4MraoBTt-AQL8qm94zUl8eLs6212ijhLnOzy6hiw5tpyekKAj5WtQJkEbuan1m1loSDTNafgZWh4WPIq5BFAeoue36aseiA&sig=Cg0ArKJSzF5KjDLqnRcfEAE&id=ampim&o=1295,125&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=131&tls=1131&g=100&h=100&tt=1131&r=v&adk=2713070885&avms=ampa

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:14 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4EC9 42 B
112 B 15ms
14ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvz-IdhRr2VbdTtSusZbpTxPlJbDfNauD0C72aVbEybctuSiB1LtPzjwT76koJ-HyoIYb3PSb_EuPBai3ozOSeaMMSJtp9cUV5C4RkT6Ro&sig=Cg0ArKJSzMti7GZw1WeiEAE&adk=798936416&tt=-1&bs=1600%2C1200&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&p=125,145,725,305&mcvt=1011&rs=0&ht=0&tfs=113&tls=1124&mc=1&lte=0&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1581950113203&dlt&rpt=285&isd=0&msd=0&ext&xdi=0&ps=1600%2C680&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-7-11-11-0-0-0&tvt=1118&is=160%2C600&iframe_loc=http%3A%2F%2Fpaletton.com%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200210

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:14 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery-1.2.3.js Show response
cdn.pixfuture.com/ Frame 2BFF 94 KB
29 KB 145ms
145ms Script
application/javascript 2606:4700:20::681a:b9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery-1.2.3.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d977fc32dd4bdb0479604abf078f1045b0e922666313f2f42cd71ce7835e0061

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 14:35:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 06 Aug 2019 20:36:09 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5d49e4b9-179fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
status: 200
access-control-allow-credentials: true
cf-ray: 56687c9baf86c2f4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 2BFF 122 B
648 B 102ms
101ms XHR
application/json 54.76.246.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=ticcez29&pi=3&si=28490&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9728&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.246.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-246-227.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a278d9fbbd8812da637127a4794e708a69c52149ad242589bbe81c3b1ac073e7

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:15 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://paletton.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ Frame 2BFF 172 B
550 B 91ms
40ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=6405d196-bfe4-4bdd-bf74-bbe54ea4c156&nocache=1581950115604&aus=160x600&divIds=359x160x600x78x90274&auid=540580839&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.5 /
Resource Hash: 8ca2df40b66e8866a15e2b55bdd6875a412451347166b3c01157c45cc51cc901

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:15 GMT
content-encoding: gzip
server: OXGW/16.174.5
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://paletton.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ Frame 2BFF
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604;
https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604

0
-1 B

105ms
105ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:15 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:15 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2BFF 144 B
1 KB 120ms
105ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js

Protocol

HTTP/1.1

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4923bebb14d7808232643bb9be86866dcd1cd5d392ce58f1916c85e9eab9b038

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 14:35:17 GMT
X-Proxy-Origin: 82.102.19.132; 82.102.19.132; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.117:80
AN-X-Request-Uuid: 4cc6f5aa-85b7-4775-acb1-bf1088344e03
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 2 Show response
prebid.mgid.com/prebid/ Frame 2BFF 0
583 B 138ms
81ms XHR
text/plain 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.mgid.com/prebid/2
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 204
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://paletton.com
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 56687c9ef8c4bde1-AMS
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 2BFF 0
368 B 74ms
27ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Feb 2020 14:35:15 GMT
server: envoy
status: 204
cwdl: 22/120
access-control-allow-origin: http://paletton.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 8
cw-server: bid-deployment-5d67dcf799-gqz8l

GET
H2

302

ADTECH;apid=1Ab68758a8-5192-11ea-8b54-12fd82435158;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ Frame 2BFF
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604
https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;apid=1Ab68758a8-5192-11ea-8b54-12fd82435158;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=15819...

0
-1 B

106ms
106ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;apid=1Ab68758a8-5192-11ea-8b54-12fd82435158;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:15 GMT
server: nginx
access-control-allow-origin: http://paletton.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;apid=1Ab68758a8-5192-11ea-8b54-12fd82435158;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:15 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;apid=1Ab68758a8-5192-11ea-8b54-12fd82435158;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 18ms
17ms XHR
application/json 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200212&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0eac974e81627ff5ee824b34e60c1b34c19522c5564a40f18de5c2468573dd38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Feb 2020 14:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5167
x-xss-protection: 0

GET
H2 200 ADTECH;apid=1Ab68758a8-5192-11ea-8b54-12fd82435158;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ Frame 2BFF 605 B
736 B 138ms
137ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344886/0/0/ADTECH;apid=1Ab68758a8-5192-11ea-8b54-12fd82435158;cfp=1;rndc=1581950115;v=2;cmd=bid;cors=yes;alias=13e96a09afcddf3;misc=1581950115604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 1396709b3d96bf102f136b9ac5f381f0fe85dc50e591a547e775eeaa6c0868dd

Request headers

Referer: http://paletton.com/
Origin: http://paletton.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:15 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 605
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ 21 KB
8 KB 20ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 14:35:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1580338855439378"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 8104
X-XSS-Protection: 0
Expires: Mon, 17 Feb 2020 14:35:15 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame 4386 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Mon, 17 Feb 2020 14:34:27 GMT
expires: Tue, 16 Feb 2021 14:34:27 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 2BFF 3 KB
3 KB 289ms
97ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2968eb23e6fbf512721911a58cb0f10bd153e7be88ce5aec56d6655a0ef110fa

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 14:35:16 GMT
Last-Modified: Mon, 20 Jan 2020 19:09:38 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e25faf2-a1e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2590

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
51 B 17ms
17ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gda_r20200212&jk=1006780386306090&bg=!yMuly9NYdRTywx5Zu80CAAAAPVIAAAALmQFX3xFAX9H7zsRo7DC6LWthusPOvUNz82tPQajIY-tKQWLKhu9XayCAtEgpItL5Sd3UmRUDcGMBO3C2OsSKAMTKrJgEmNupz85a3-vxFgpHvRIOKzYi7uGnuGHdNWan_bQGEV_jYIm_Uxt_yOH1n_gvd2x80uVKIQsocVYkP499xItdZ5PptUiMMmKbPgts7T63mYTbbvNUxYgSgGpV9pAENFvkNT3vBAMgp7qyQrdu1JBeDnQkb5BT6z01bW4Y0RLZd-YTD9WxbBN628_NcG3xH-gayM9VKZmv8o4QlbYF3GUpuUCrkQU0QGzpnPMD1Hw3gzhM6nOzm25poqiyEzS9Bk2BhsAo1PCbvnWn18_lYN972lkWk4UvvTCktULXIsJ1TKWWKTDKbJnw1QmeVtUWJmqEUH9kpaePCGpeJ4KJ-a_qunN7n8-mboDfjwq0ahL_InV2B4KTfQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:16 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame E795 0
0 335ms
110ms Document
text/plain 208.100.17.176
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a5OAvyipCr6QqaaKlId8sQ&gdpr_consent=undefined
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.176 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip176.208-100-17.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=a5OAvyipCr6QqaaKlId8sQ&gdpr_consent=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/

Response headers

status: 204
x-33x-status: 2000208
server: 33XP005
date: Mon, 17 Feb 2020 14:35:17 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 540B 0
0 70ms
21ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: http://paletton.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Fastly-Debug-Digest: e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length: 506
Accept-Ranges: bytes
Date: Mon, 17 Feb 2020 14:35:18 GMT
Age: 16865603
Connection: keep-alive
X-Served-By: cache-jfk8123-JFK, cache-hhn4046-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1276778, 2359473
X-Timer: S1581950119.574254,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame 41A4 0
0 115ms
114ms Document
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.districtm.io/ids/index.html

Requested by

Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/

Response headers

status: 200
date: Mon, 17 Feb 2020 14:35:18 GMT
content-type: text/html
set-cookie: __cfduid=d91521f1a6b6b6e115923eec0fb0f7f231581950118; expires=Wed, 18-Mar-20 14:35:18 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
cf-ray: 56687cb0caedd915-AMS
cache-control: s-maxage=1209600, max-age=14400
last-modified: Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 05D8 0
0 323ms
111ms Document
text/plain 208.100.17.176
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bdaUuWipCr6QqaaKlId8sQ&gdpr_consent=undefined
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.176 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip176.208-100-17.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=bdaUuWipCr6QqaaKlId8sQ&gdpr_consent=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/

Response headers

status: 204
x-33x-status: 2000208
server: 33XP005
date: Mon, 17 Feb 2020 14:35:17 GMT

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 4E30 0
0 76ms
23ms Document
text/html 23.37.55.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: http://paletton.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 12 Feb 2020 18:47:41 GMT
Content-Encoding: gzip
Content-Length: 7692
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=51613
Expires: Tue, 18 Feb 2020 04:55:31 GMT
Date: Mon, 17 Feb 2020 14:35:18 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 03C7 0
0 318ms
111ms Document
text/plain 208.100.17.176
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a-jbSKipCr6QqaaKlId8sQ&gdpr_consent=undefined
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.176 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip176.208-100-17.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=a-jbSKipCr6QqaaKlId8sQ&gdpr_consent=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/

Response headers

status: 204
x-33x-status: 2000208
server: 33XP003
date: Mon, 17 Feb 2020 14:35:18 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 93D8 0
0 315ms
111ms Document
text/plain 208.100.17.176
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a1qoh-ipCr6QqaaKlId8sQ&gdpr_consent=undefined
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.176 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip176.208-100-17.static.steadfastdns.net
Software: 33XP004 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=a1qoh-ipCr6QqaaKlId8sQ&gdpr_consent=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/

Response headers

status: 204
x-33x-status: 2000208
server: 33XP004
date: Mon, 17 Feb 2020 14:35:18 GMT

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 1965 0
0 93ms
39ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: http://paletton.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/

Response headers

Last-Modified: Tue, 04 Feb 2020 05:12:07 GMT
ETag: "13006b6-9f85-59db914d12ccf"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14955
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=104362
Expires: Tue, 18 Feb 2020 19:34:40 GMT
Date: Mon, 17 Feb 2020 14:35:18 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

204

sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158

0
124 B

86ms
21ms

Image
text/plain

52.29.22.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.22.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-22-127.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

status: 204
date: Mon, 17 Feb 2020 14:35:18 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Mon, 17 Feb 2020 14:35:18 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 117ms
37ms Image
image/gif 52.215.109.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.109.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-109-156.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=m53x2c_MpI6DwPCJyMDojc3P_YCDnPbcz8mIYscB
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=m53x2c_MpI6DwPCJyMDojc3P_YCDnPbcz8mIYscB&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158

0
124 B

85ms
21ms

Image
text/plain

52.29.22.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=m53x2c_MpI6DwPCJyMDojc3P_YCDnPbcz8mIYscB&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.22.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-22-127.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

status: 204
date: Mon, 17 Feb 2020 14:35:18 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Mon, 17 Feb 2020 14:35:18 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=m53x2c_MpI6DwPCJyMDojc3P_YCDnPbcz8mIYscB&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2BFF 70 B
264 B 37ms
37ms Image
image/gif 52.215.109.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.109.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-109-156.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 14:35:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 4ABE 0
0 40ms
26ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://paletton.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer: http://paletton.com/

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Fastly-Debug-Digest: e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length: 506
Accept-Ranges: bytes
Date: Mon, 17 Feb 2020 14:35:18 GMT
Age: 16865604
Connection: keep-alive
X-Served-By: cache-jfk8123-JFK, cache-hhn4062-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1276778, 2344400
X-Timer: S1581950119.995935,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame B0FF 0
0 38ms
36ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.5 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=e0994773-4893-0b17-2c04-abf823afa6d6|1581950115
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=e0994773-4893-0b17-2c04-abf823afa6d6|1581950115; Version=1; Expires=Tue, 16-Feb-2021 14:35:18 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1581950118|mOgikimWiygu; Version=1; Expires=Tue, 03-Mar-2020 14:35:18 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.174.5
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 17 Feb 2020 14:35:18 GMT
content-type: text/html
content-length: 374
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 visitormatch
bh.contextweb.com/ Frame B0B5 0
0 61ms
20ms Document
text/html 74.214.194.140
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/visitormatch

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.214.194.140 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: bh.contextweb.com
:scheme: https
:path: /visitormatch
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vf=1; V=HO6UrDZrbuwj; wf=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/

Response headers

status: 200
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-6c55bfb4dd-774rb
cache-control: private, max-age=0, no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-language: en-US
content-type: text/html;charset=iso-8859-1
set-cookie: V=;Path=/;Domain=.contextweb.com;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0 INGRESSCOOKIE=5dd924a504cd3cae; path=/; HttpOnly
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55965/ Frame 2BFF
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=m53x2c_MpI6DwPCJyMDojc3P_YCDnPbcz8mIYscB
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=m53x2c_MpI6DwPCJyMDojc3P_YCDnPbcz8mIYscB&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158

0
124 B

22ms
22ms

Image
text/plain

52.29.22.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=m53x2c_MpI6DwPCJyMDojc3P_YCDnPbcz8mIYscB&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.22.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-22-127.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

status: 204
date: Mon, 17 Feb 2020 14:35:19 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Mon, 17 Feb 2020 14:35:19 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=m53x2c_MpI6DwPCJyMDojc3P_YCDnPbcz8mIYscB&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/56465/ Frame 2BFF
Redirect Chain

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158

0
124 B

22ms
21ms

Image
text/plain

52.29.22.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.22.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-22-127.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

status: 204
date: Mon, 17 Feb 2020 14:35:19 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Mon, 17 Feb 2020 14:35:18 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ab68758a8-5192-11ea-8b54-12fd82435158
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.paletton.com/	1970-01-19 16:11:26	Name: OptanonConsent Value: groups=1%3A1%2C3%3A1%2C4%3A1%2C0_48433%3A1%2C0_48432%3A1%2C0_48435%3A1%2C0_48434%3A1%2C0_48437%3A1%2C0_48436%3A1%2C0_48439%3A1%2C0_48438%3A1%2C0_48440%3A1&datestamp=Mon+Feb+17+2020+15%3A35%3A15+GMT%2B0100+(Central+European+Standard+Time)&version=4.9.0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/032002112037430/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2002112037430 http://paletton.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/032002112037430/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2002112037430 http://paletton.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/032002112037430/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2002112037430 http://paletton.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
ads.yieldmo.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ajaxhttpheaders.appspot.com
ajaxhttpheaders2.appspot.com
api-public-oci-origin.addthis.com
api-public.addthis.com
as-sec.casalemedia.com
bh.contextweb.com
bid.contextweb.com
btlr.sharethrough.com
c.amazon-adsystem.com
cdn.adapex.io
cdn.ampproject.org
cdn.cookielaw.org
cdn.districtm.io
cdn.pixfuture.com
code.jquery.com
dmx.districtm.io
edge.quantserve.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geolocation.onetrust.com
googleads.g.doubleclick.net
graph.facebook.com
hbopenbid.pubmatic.com
ib.adnxs.com
match.adsrvr.org
mrb.upapi.net
pagead2.googlesyndication.com
paletton.com
pixel.advertising.com
pixel.quantserve.com
pixfuture2-d.openx.net
prebid.mgid.com
rules.quantcount.com
s7.addthis.com
securepubads.g.doubleclick.net
served-by.pixfuture.com
ssc-cms.33across.com
ssc.33across.com
stats.g.doubleclick.net
tag.1rx.io
tpc.googlesyndication.com
ups.analytics.yahoo.com
v1.addthisedge.com
www.colorschemedesigner.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.paypalobjects.com
z.moatads.com
104.16.190.66
104.19.135.78
129.146.196.240
143.204.90.242
151.101.113.108
151.101.114.133
152.195.132.202
152.199.22.24
172.217.18.162
185.64.189.112
2001:4de0:ac19::1:b:1a
208.100.17.176
213.19.147.210
23.210.248.44
23.210.249.164
23.210.249.92
23.210.250.213
23.37.55.184
2600:9000:2156:b200:6:44e3:f8c0:93a1
2606:4700:10::6814:b944
2606:4700:20::681a:b64
2606:4700:20::681a:b9c
2606:4700:3036::681c:1be7
2a00:1450:4001:806::200e
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:815::2002
2a00:1450:4001:815::2014
2a00:1450:4001:816::2002
2a00:1450:4001:819::2003
2a00:1450:4001:81b::2002
2a00:1450:4001:81e::200a
2a00:1450:4001:81f::2014
2a00:1450:4001:820::2004
2a00:1450:4001:820::200a
2a00:1450:4001:821::2001
2a00:1450:400c:c00::9a
2a03:2880:f02d:e:face:b00c:0:2
34.95.120.147
35.156.238.40
37.252.172.249
52.215.109.156
52.29.22.127
52.49.211.59
52.57.106.47
54.76.246.227
67.20.76.187
67.202.110.22
68.183.31.14
69.173.144.143
74.214.194.133
74.214.194.140
91.228.74.148
91.228.74.179
0044309d787293331cf7c18367115d0126a51f6a4107ea8479fcef7c4c091f58
020d7c2c7814d3cef2f88c6d47d2e5d7d9567e68d81793b3b934795cc176adb4
03a81e8d1eb1ade2a13d541d80ef1919d56b30e7839773c26f6ab84928ba06be
043d10838d5d7f914382d256d4f58b44ff2bc3f5103c61bcc93f3dfe52f6a699
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8d30406abfe35cba0695b2af0dfbeb1521ec0d937bea77d9007de022339086
0bd0bc4edd5e4b256b9c40ce082680ad16a78ac5faf4d3337d39cf9605518bfe
0eac974e81627ff5ee824b34e60c1b34c19522c5564a40f18de5c2468573dd38
0ec28887939746f16ae8e7ce9541ee66dd7d76f80350a09ee4677ac6ba41a64b
0eef079fb017d308068b0016fe100dc714602ce0c4c35ada89198d61779fedb9
0f9f3fd866f3844f9550519224ecd823d0e3b73f777a8dcd5a19b4e23086f0ff
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4
1396709b3d96bf102f136b9ac5f381f0fe85dc50e591a547e775eeaa6c0868dd
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
20d67897997d5d90d4dc40fc59dda0f221f2eaa2475d0c2d4b910d4c72d375e3
2416e68f0c97764abc941e8aa4ea584a81e9b7d5c9e41a3c769fe418770a1f80
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
24cc20eb5e732bccb2b298c085756d3a083a9c56d4fa05b26af0f3902b915bf4
254e63edea574f9e1b451f8607cac6d2875a79ebd01e91313388419116b0263f
2570c8ef06dfff787078ccd450a31833e8ddbda05499e0443bb285141d8b39b5
2940fd5410266278b49250a1b2afdc5be955676657dc1f9f0b5c20dcf902aba0
2968eb23e6fbf512721911a58cb0f10bd153e7be88ce5aec56d6655a0ef110fa
2a11c3cacfbded7041489b3c0e3656c809c54ea434ba85f0b5b1c3a814238632
2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d
2decbd876939b0b940cb5d7636ebc31931d7f40dc38954d1f2e12c1554a39942
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3177a76aadf4fe5c7ee7fba5823116009ca3bfd09a18671788aceb2d8ce46395
3451f26a836acb1af177f2cbebba4570190e41943f59fbdc5d360f3d33628286
35b38352f5082cc78e337213fee6fae8be605e96720891d92a7fc945a80ae8de
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38f2f25c4ec09153bf1ab04988d530b051503dd6d9abdc09fbe49c5ee071278c
39067599e3398209915689830a0ae6562c493905b2ba52e4e4f51e62d7f69f13
39b8196df8565826ec39b8d848e26405d874f03ffe238ccfa8f253594f3393dc
3e83640841db25203191361f884ae3396f0ca41611d61c83e7b7f8ecbbff59ba
411b3b6cd8d439beb0ff23e362f6e88f7bb2b64ee65f8b67a0dc5c901c2c8049
482485ca0a18e184c8aad916ff16d779e7e901cdbb89621b0a578a9e9e26fa6a
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4923bebb14d7808232643bb9be86866dcd1cd5d392ce58f1916c85e9eab9b038
536c4d0849b347b369efee44f46dea61412c4d074d64836a56859a91338238b2
5b1e5385e2bd0e9ee99b3d6620f8e543c94be7c2a51b8de9c9aec18dc6049b1b
5f527ad94f536aea3fd9f50b3401e7e5a677f4cf4bc7fc40d3cd01d5e73e3d0a
5fd0a4029ecb9a197bdb46fcd35aaefe266f9b62d2bc69f2019f4d80d005aea0
62b16e452b8d01877512f973bdb2fbd045d7abe157e5dfcdc788af12b841c508
639d90e83e2304ecd2182757c1334a7cddd30c940926f2097ce9fb8f6909c9fc
63d544164b501354efc7b4a4654d5ae42ad6f70b9b6019280744099793d1347d
6679c20efcce098f1228e4cedf3021692f0b284115b040dda592bd0173ff8739
66b67780851498cdfe10c8ff6a2322326d56b14b4e3ea8598b6147a07065f6f1
68038bf31c67a07774934911ad22664116c7d408aa379f41a167e223f649d206
6b38924eaf240be5dc69da86f6241f948331fa8e8fd373b5a08a7feccf27c2de
6b8a2f5f87bf888d48311aba7d4010ea01bef84f9e0b51d003e016391ddfed29
6e73a1c94f5b4f766aadfc4ab8ebe4c3f7c1df0da7e1ac52fbb6f045ef84e174
6ef54cf7a14f28fa73ff16e2cf2c2c80a6ce3e7f7a7d50ca23536bf75cd9f0cb
6feced225f1134e94b6f9b778013ea0e927b9ce58d3a7f8720af8930f742575e
73d7ea3d0a15f6d653a23bc31e35d81c6d75cb99cf2cc77ec3eeaa6907066044
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77d7bc51e075befdd4abd0d954cf332032e2d8508f0451f7885ec2f48a340310
7896b6f179ee2ca8ec335a1f39bbd22ef4891ea0d56426a4dee36a21caffb6d1
78f8576adbc1a45958e8e81f28d5d1b87baf961e9fe6d1f3fdae9902a0ea7f40
7dec9dba8e7c23f46e9b3bca2287a7d6e2d59ad57cc9e8389b7fc00f268b71ca
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ca2df40b66e8866a15e2b55bdd6875a412451347166b3c01157c45cc51cc901
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9275fc6aca0d205550d5dac655167f97ab867ac8d9daf3d809168a0cb1367e95
92779ff589443c701d72a2f35d9c22cc7890a12e0d9898e5d8bd9c995e7cf67b
933cbd7706f8a1d0793d453baa9c3b155a037ddf02cd3b8fa01071b55789160f
98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3
9a21963af0fc87d11e1deac7b030915e75fddf4378d2fa2eb55b8d6f6f453b44
9cc027948842b7ec5f1bcc45a5cfd795efe293b8c238aff5208a5b80d2efa906
9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0
9e4e025c7f5a11e3c38a0a628d90e86f5abe8bedd33474cc56eecbbd531d41ad
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a278d9fbbd8812da637127a4794e708a69c52149ad242589bbe81c3b1ac073e7
a7377883880a8df1adbcd3832b0eb7fb7a278e17bf7b188fe17696a4ed2f4a4c
a7fb846925485c1510f4e2aabb7d00e0e61cac8da30d5026ad73fcfec7a62351
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
ac2a58f9d55c4642121cfb6f7e213cbc882bbdd75ef171ca8a07ed982ef693ce
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b14234740394e59287bce1f6f3a594a8f221b382552b35658f1ef15d16ee662b
b54c1b5e6d890a225aecec44900fc681584b1d857ea55875aa964cfc6fca42f3
b591532ea43780c27ee2f59079c4ad5f0389197b204c6ce269c8591db9681cdd
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb19a8170961c6177dcd5b1230737ee312e831994bc48272248b7bb464da4c11
c138155605cc246182faa0e74f267845732eff694ba80165b50e2a8f8e8cd8a3
c2b27caef0bf2dfca09290ec03af3d78a112724a6884d34c7b4a7350dc843f3e
c3186a55bc67271424c17f202a5797f96d54a851d12249ff7ec152854e4017eb
c36d043cc13a6a995a9f92a107e748d3728f3fb8f21f4c4514bcfb78a9a2fdbd
c470d799d052d3867006566c0a177e3f8290bc64781f45f1d6efd89b16128f56
c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96
c5533cd3afbd6bc28a5844b8a86fce59825bd29642a95c079b69ebace42d30c1
c5dc61f3b52dd55dd71e5e57efbf5e2d9273654abc821aa419043f054d9e6b66
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cadb948cbbfeee8fce2ae36727c6fabc3fdd55ff4fc10998553a1b8e2e72a963
cc1fb95027df07a44101766dce45818613ef71bb303cc01048db64bdc67247b6
ce339d9a4b54d3059f621cfe4e76235aa61312b6e28895a02b409ce2493b7f03
d76a8e2d992422c26e0b586d8cc3a53afe86aadf0c2dd4a34607e1e7d5cf27d9
d7a04ab7be45ccb5887b846970f070f05ad6f16353d3ad22c67624283a0788ca
d977fc32dd4bdb0479604abf078f1045b0e922666313f2f42cd71ce7835e0061
da5938edc872a3bb592689c64b4e09e5dad48fe5f280fc714636a0c405bcc0a4
da6f3590ab76e27ef219fb9914de30b50b8e21da18fa00a07aac35762f107929
da9ed7b3df7e03261300d4d82ecc90b0eb4420ec3fc5b046a76ca8daa596dbe1
dc61e9970853f2757ef73d02ad4b8eea174a3e1f28b4a5ee77103b0114c3525c
dcdcd0277e3c5f2c9c4e7109b03ca071a9778bf73d147cbaac01af65d494fb3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
ea679045dd07561623dc846f2cbe551e6e8b55215eba6a7f8277b5e4eb4bb350
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ee821f0f1edcccad109280a2ae9279957f8373d81b612421c3a263f280de5444
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efab5780ccb906d347ca4db2d1422ede57f92fa867eb3530a1e7cce897f65c06
f0450e0d9069c0dc6ca8ae95f039f5e804fd7677abb488539a501c75a2937452
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f45da9f3a4ea415dfee866003bcf6e20779b9d0f204d374772d50df7e3e78e1f
f982ed9dde0cb3c4459457f68bb6ccacab227bbb40349240146d72dd3b6f2434
fe26c5e572ef1a563fb95169f7640146a21368e5c1873331e387159fc35477e9

paletton.com Open in urlscan Pro 67.20.76.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

199 Requests

80 %HTTPS

41 %IPv6

43 Domains

61 Subdomains

54 IPs

7 Countries

2214 kBTransfer

5683 kBSize

1 Cookies

3 Outgoing links

Page URL History

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paletton.com Open in urlscan Pro
67.20.76.187 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

80 %
HTTPS

41 %
IPv6

43
Domains

61
Subdomains

54
IPs

7
Countries

2214 kB
Transfer

5683 kB
Size

1
Cookies

199 HTTP transactions
1 data transactions