paleomg.com Open in urlscan Pro
2606:4700:3036::681f:5b56 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paleomg.com/
Effective URL:
https://paleomg.com/
Submission: On March 27 via manual (March 27th 2020, 1:48:30 pm UTC) from US

Summary HTTP 163 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 34 IPs in 9 countries across 29 domains to perform 163 HTTP transactions. The main IP is 2606:4700:3036::681f:5b56, located in United States and belongs to CLOUDFLARENET, US. The main domain is paleomg.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 30th 2019. Valid for: 9 months.

This is the only time paleomg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 56	2606:4700:303... 2606:4700:3036::681f:5b56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
6	99.84.155.129 99.84.155.129	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
10	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f22... 2a03:2880:f22d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
2	99.84.155.65 99.84.155.65	16509 (AMAZON-02) (AMAZON-02)
1 3	2.16.105.54 2.16.105.54	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
4	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
6	185.33.223.203 185.33.223.203	29990 (ASN-APPNEX) (ASN-APPNEX)
3	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.247.95.233 34.247.95.233	16509 (AMAZON-02) (AMAZON-02)
6	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
3	95.101.185.51 95.101.185.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2.21.37.179 2.21.37.179	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3	52.58.202.213 52.58.202.213	16509 (AMAZON-02) (AMAZON-02)
3	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
9	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2006	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
2	2404:6800:400... 2404:6800:4003:c03::5e	15169 (GOOGLE) (GOOGLE)
163	34

56 2606:4700:3036::681f:5b56 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

paleomg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.84.155.129 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-155-129.txl52.r.cloudfront.net

ads.adthrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f22d:c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.155.65 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-155-65.txl52.r.cloudfront.net

logger.adthrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.105.54 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-105-54.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

clarium.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.161.190 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.223.203 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.95.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-95-233.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.185.51 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-185-51.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.21.37.179 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-37-179.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vap6ams1.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.202.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-202-213.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

cafemedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c03::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	paleomg.com 1 redirects paleomg.com	2 MB
15	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	155 KB
14	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	34 KB
10	adnxs.com prebid.adnxs.com ib.adnxs.com	9 KB
8	adthrive.com ads.adthrive.com logger.adthrive.com	210 KB
7	ampproject.org cdn.ampproject.org	281 KB
7	lijit.com ap.lijit.com vap6ams1.lijit.com	17 KB
6	rubiconproject.com fastlane.rubiconproject.com	9 KB
3	googletagservices.com www.googletagservices.com	82 KB
3	pubmatic.com hbopenbid.pubmatic.com	227 B
3	openx.net cafemedia-d.openx.net	1 KB
3	criteo.com bidder.criteo.com	423 B
3	3lift.com tlx.3lift.com	1 KB
3	teads.tv a.teads.tv	950 B
3	casalemedia.com as-sec.casalemedia.com	3 KB
3	districtm.io dmx.districtm.io	327 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	gstatic.com fonts.gstatic.com csi.gstatic.com	14 KB
2	fastly.net clarium.global.ssl.fastly.net	41 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	atdmt.com ad.atdmt.com	333 B
1	2mdn.net s0.2mdn.net	27 KB
1	gumgum.com g2.gumgum.com	1010 B
1	cdninstagram.com scontent.cdninstagram.com	170 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	googletagmanager.com www.googletagmanager.com	28 KB
1	cloudflare.com cdnjs.cloudflare.com	2 KB
1	googleapis.com fonts.googleapis.com	1 KB
163	29

	Domain	Requested by
56	paleomg.com	1 redirects paleomg.com
10	securepubads.g.doubleclick.net	ads.adthrive.com securepubads.g.doubleclick.net paleomg.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net paleomg.com clarium.global.ssl.fastly.net tpc.googlesyndication.com cdn.ampproject.org googleads.g.doubleclick.net
7	cdn.ampproject.org	clarium.global.ssl.fastly.net securepubads.g.doubleclick.net
6	fastlane.rubiconproject.com	ads.adthrive.com
6	ib.adnxs.com	ads.adthrive.com
6	ads.adthrive.com	paleomg.com ads.adthrive.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net clarium.global.ssl.fastly.net
5	ap.lijit.com	ads.adthrive.com vap6ams1.lijit.com paleomg.com
4	prebid.adnxs.com	ads.adthrive.com
3	www.googletagservices.com	securepubads.g.doubleclick.net clarium.global.ssl.fastly.net googleads.g.doubleclick.net
3	hbopenbid.pubmatic.com	ads.adthrive.com
3	cafemedia-d.openx.net	ads.adthrive.com
3	bidder.criteo.com	ads.adthrive.com
3	tlx.3lift.com	ads.adthrive.com
3	a.teads.tv	ads.adthrive.com
3	as-sec.casalemedia.com	ads.adthrive.com
3	dmx.districtm.io	ads.adthrive.com
3	sb.scorecardresearch.com	1 redirects ads.adthrive.com paleomg.com
2	csi.gstatic.com	cdn.ampproject.org securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	vap6ams1.lijit.com	clarium.global.ssl.fastly.net paleomg.com
2	googleads.g.doubleclick.net	clarium.global.ssl.fastly.net
2	clarium.global.ssl.fastly.net	ads.adthrive.com paleomg.com
2	logger.adthrive.com	ads.adthrive.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	ad.atdmt.com	paleomg.com
1	s0.2mdn.net	paleomg.com
1	g2.gumgum.com	ads.adthrive.com
1	scontent.cdninstagram.com	paleomg.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	paleomg.com
1	fonts.gstatic.com	paleomg.com
1	www.googletagmanager.com	paleomg.com
1	cdnjs.cloudflare.com	paleomg.com
1	fonts.googleapis.com	paleomg.com
163	37

This site contains links to these domains. Also see Links.

Domain
www.amazon.com
www.instagram.com
www.facebook.com
www.pinterest.com
twitter.com
instagram.com
pinterest.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-30` - `2020-10-09`	9 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.adthrive.com Amazon	`2019-08-31` - `2020-09-30`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2020-02-21` - `2020-04-20`	2 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-12-18` - `2020-12-18`	a year	crt.sh
prebid.adnxs.com GeoTrust RSA CA 2018	`2019-03-25` - `2021-05-20`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2020-02-25` - `2020-10-09`	7 months	crt.sh
*.gumgum.com Amazon	`2019-07-31` - `2020-08-31`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-03-24` - `2020-06-22`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2019-03-11` - `2020-05-10`	a year	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2020-06-03`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://paleomg.com/
Frame ID: 6A7A04B9E97F0C8BCED6C5892BF1E616
Requests: 149 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js
Frame ID: 3B7110C71F3C8B8D59F642D9E4D52F0A
Requests: 9 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=mOinGM9MTu5v-Lto835XLhlrSPY&tpid=bU9pbkdNOU1UdTV2LUx0bzgzNVhMaGxyU1BZL3NvdnJuOjMwMHg2MDA%3D&v=v2lgcycid&d=eyJ3aCI6ImJVOXBia2ROT1UxVWRUVjJMVXgwYnpnek5WaE1hR3h5VTFCWkwzTnZkbkp1T2pNd01IZzJNREE9Iiwid2QiOnsiay5oYl9iaWRkZXIiOiJzb3ZybiIsImsuaGJfc2l6ZSI6IjMwMHg2MDAifSwid3IiOjd9
Frame ID: 04BC480DC3A13FD18A3EA6C8DD62E186
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js
Frame ID: FE3C05E5D5B5FBCC8397E8601364B03D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC8yvoBGOXbjFEwAQ&v=APEucNW2vH5UcA3lDhSaEDy_Bv1lTqzv5ZzCbhrDL6k7lFheAnbupHX42H3TjbqDA-Igsbqsp_3sgms4-AqHZt-iFf7IrEWrIQ
Frame ID: 7E506E2A048920D43ED085DDE668CEE8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: DC4A2EC6AC77224185FD70BC3FE4F196
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A416A591CB24A473BF7AC6EF378861CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://paleomg.com/ HTTP 301
https://paleomg.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

163
Requests

100 %
HTTPS

45 %
IPv6

29
Domains

37
Subdomains

34
IPs

9
Countries

3013 kB
Transfer

7068 kB
Size

4
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.com/shop/influencer-76f9b38e?ref=ac_inf_hm_vp
Title: Shop My Amazon

Search URL Search Domain Scan URL

URL: https://www.instagram.com/paleomg/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PaleOMG
Title: Facebook-f

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/julibauer/paleomg-recipes/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/paleomg
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/paleomg
Title: Instagram

Search URL Search Domain Scan URL

URL: https://pinterest.com/julibauer/paleomg-recipes/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/B-OOombJZpG/
Title: 991 17

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paleomg.com/ HTTP 301
https://paleomg.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=566660820&t=pageview&_s=1&dl=https%3A%2F%2Fpaleomg.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20PaleOMG&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=682239826&gjid=1290880395&cid=1716197016.1585316894&tid=UA-27299094-1&_gid=778438698.1585316894&_r=1&gtm=2ou3i0&z=53290933 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27299094-1&cid=1716197016.1585316894&jid=682239826&_gid=778438698.1585316894&gjid=1290880395&_v=j81&z=53290933

Request Chain 96

https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_ucfr=0&ns__t=1585316894119&ns_c=UTF-8&cv=3.5&c8=Home%20-%20PaleOMG&c7=https%3A%2F%2Fpaleomg.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_ucfr=0&ns__t=1585316894119&ns_c=UTF-8&cv=3.5&c8=Home%20-%20PaleOMG&c7=https%3A%2F%2Fpaleomg.com%2F&c9=

163 HTTP transactions
24 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
paleomg.com/
Redirect Chain

http://paleomg.com/
https://paleomg.com/

159 KB
22 KB

483ms
460ms

Document
text/html

2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 262a256ce668989cc9ac4afac1f8b3288d86b4e3934f4b5c11712f2a60ba523f

Request headers

:method: GET
:authority: paleomg.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d7a2fec42baa898156c420494aca01c8c1585316892
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 27 Mar 2020 13:48:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 27 Mar 2020 13:19:17 GMT
x-powered-by: centminmod
x-rocket-nginx-serving-static: No
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57a991532eeadfa5-FRA
content-encoding: br

Redirect headers

Date: Fri, 27 Mar 2020 13:48:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d7a2fec42baa898156c420494aca01c8c1585316892; expires=Sun, 26-Apr-20 13:48:12 GMT; path=/; domain=.paleomg.com; HttpOnly; SameSite=Lax
Location: https://paleomg.com/
X-Powered-By: centminmod
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 57a991519d256467-FRA

GET
H2 200 dd85889b42e3986db10aa0024b03ebf6.css
paleomg.com/wp-content/cache/min/1/ 2 MB
242 KB 19ms
19ms Stylesheet
text/css 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/min/1/dd85889b42e3986db10aa0024b03ebf6.css
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 16caf6876e37f47ce71297ba02143f61e6cb36656d51797cb68f6a89d9d36d09

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 2523873
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Wed, 26 Feb 2020 18:40:37 GMT
server: cloudflare
etag: W/"5e56bba5-1a6317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sat, 28 Mar 2020 08:43:40 GMT
cache-control: max-age=2678400
cf-polished: status=cannot_optimize
cf-ray: 57a991561fcbdfa5-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow+Semi+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.2.5

Requested by

Host: paleomg.com
URL: https://paleomg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a92190b8bbe424badf0c5291a4a7a2124fb6b72cfd5326c268e5ddd62f935b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 13:48:13 GMT
server: ESF
date: Fri, 27 Mar 2020 13:48:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Mar 2020 13:48:13 GMT

GET
H2 200 jquery-1.12.4-wp.js Show response
paleomg.com/wp-content/cache/busting/1/wp-includes/js/jquery/ 95 KB
32 KB 25ms
22ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-includes/js/jquery/jquery-1.12.4-wp.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1646771
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 07 Apr 2020 12:22:01 GMT
cache-control: max-age=2678400
cf-polished: origSize=96873
cf-ray: 57a991561fe4dfa5-FRA
cf-bgj: minify

GET
H2 200 jquery-migrate.min-1.4.1.js Show response
paleomg.com/wp-content/cache/busting/1/wp-includes/js/jquery/ 10 KB
4 KB 17ms
15ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-includes/js/jquery/jquery-migrate.min-1.4.1.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: c4154129ebd028c6a491139f744aef258c77f427ce2155b03a0466fb84c4e165

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984851
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 14:27:22 GMT
cache-control: max-age=2678400
cf-polished: origSize=10056
cf-ray: 57a991561feadfa5-FRA
cf-bgj: minify

GET
H2 200 imagesloaded.pkgd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.1.8/ 7 KB
2 KB 20ms
17ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.1.8/imagesloaded.pkgd.min.js?ver=2.6

Requested by

Host: paleomg.com
URL: https://paleomg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 4257988
content-security-policy-report-only: default-src https: data: wss: 'unsafe-eval' 'unsafe-inline'; report-uri https://cdnjs.cloudflare.com/cdn-cgi/beacon/csp?req_id=57a991561f10c2f9
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-ray: 57a991561f10c2f9-FRA
last-modified: Thu, 17 May 2018 09:20:59 GMT
server: cloudflare
etag: W/"5afd497b-1b25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 17 Mar 2021 13:48:13 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 common-2.6.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/simple-recipe-pro/js/ 42 B
251 B 13ms
10ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/simple-recipe-pro/js/common-2.6.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 08ab98d0a9cd1bcd2e1af9dcb5002a21896064b3fee94a42ae31ba9f34c594a9

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
cf-cache-status: HIT
age: 1984851
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
content-length: 42
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: "5e478ada-49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 14:27:22 GMT
cache-control: max-age=2678400
cf-polished: origSize=73
accept-ranges: bytes
cf-ray: 57a991561feddfa5-FRA
cf-bgj: minify

GET
H2 200 shortcode-recipe-share-2.6.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/simple-recipe-pro/js/ 2 KB
879 B 16ms
13ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/simple-recipe-pro/js/shortcode-recipe-share-2.6.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 939acce83659d5d087fd095e018d7ef8cc82b9a9e9cf6fe1e8926543c32502f7

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984851
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-c09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 14:27:22 GMT
cache-control: max-age=2678400
cf-polished: origSize=3081
cf-ray: 57a991561ff2dfa5-FRA
cf-bgj: minify

GET
H2 200 recipes-rating-2.6.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/simple-recipe-pro/js/ 816 B
366 B 18ms
15ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/simple-recipe-pro/js/recipes-rating-2.6.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 51a4fafcd0f32e591d016c1d31e3d518755dd3956912421af8cb12c244e82a00

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984851
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-409"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 14:27:22 GMT
cache-control: max-age=2678400
cf-polished: origSize=1033
cf-ray: 57a991561ff9dfa5-FRA
cf-bgj: minify

GET
H2 200 shortcode-recipe-2.6.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/simple-recipe-pro/js/ 1 KB
584 B 21ms
19ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/simple-recipe-pro/js/shortcode-recipe-2.6.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 1e3eb7699723c7389b2dab820c745eef6346df618b14afb44a5178bedc874520

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1646771
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-5d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 07 Apr 2020 12:22:01 GMT
cache-control: max-age=2678400
cf-polished: origSize=1494
cf-ray: 57a991561ffbdfa5-FRA
cf-bgj: minify

GET
H2 200 shortcode-recipe-grid-filters-2.6.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/simple-recipe-pro/js/ 3 KB
975 B 22ms
20ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/simple-recipe-pro/js/shortcode-recipe-grid-filters-2.6.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 0e91952335106ae7864cf9a97a0494f4854d1b991c8570ed1d60fbbbd0b508dc

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1646771
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-d63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 07 Apr 2020 12:22:02 GMT
cache-control: max-age=2678400
cf-polished: origSize=3427
cf-ray: 57a991561ffddfa5-FRA
cf-bgj: minify

GET
H2 200 shortcode-recipe-grid-2.6.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/simple-recipe-pro/js/ 918 B
513 B 16ms
13ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/simple-recipe-pro/js/shortcode-recipe-grid-2.6.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 1f8d26097f5d22ed36174bbce17840dfd883295135b533d49b7bb41f16c74c04

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984851
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 14:27:22 GMT
cache-control: max-age=2678400
cf-polished: origSize=1399
cf-ray: 57a991561fffdfa5-FRA
cf-bgj: minify

GET
H2 200 shortcode-shopping-list-2.6.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/simple-recipe-pro/js/ 898 B
486 B 21ms
19ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/simple-recipe-pro/js/shortcode-shopping-list-2.6.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: fccff3451eed13caae3793ae4538b11d7eceb9860191afec3bfc5cc40c1c6aaf

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1646771
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-4e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 07 Apr 2020 12:22:02 GMT
cache-control: max-age=2678400
cf-polished: origSize=1251
cf-ray: 57a991561800dfa5-FRA
cf-bgj: minify

GET
H2 200 wpp-5.0.0.min-5.0.2.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/wordpress-popular-posts/assets/js/ 1 KB
714 B 22ms
20ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/wordpress-popular-posts/assets/js/wpp-5.0.0.min-5.0.2.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: be6cb87334dcea67082729dd3804cc9e950f82929e9496db4d87dcb356c4f1fd

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984851
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-5bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 14:27:22 GMT
cache-control: max-age=2678400
cf-polished: origSize=1469
cf-ray: 57a991561803dfa5-FRA
cf-bgj: minify

GET
H2 200 slick.js Show response
paleomg.com/wp-content/themes/astra-child-paleomg/include/js/ 39 KB
9 KB 32ms
31ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/themes/astra-child-paleomg/include/js/slick.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 8cda28ece609be83cd0069c0dcacd0927b1eff73bdd4def01485ae841a6f1b3e

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984851
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Thu, 17 Oct 2019 05:17:01 GMT
server: cloudflare
etag: W/"5da7f94d-9ccf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 14:27:22 GMT
cache-control: max-age=2678400
cf-polished: origSize=40143
cf-ray: 57a991561805dfa5-FRA
cf-bgj: minify

GET
H2 200 load-exec.js Show response
paleomg.com/wp-content/themes/astra-child-paleomg/include/js/ 2 KB
649 B 16ms
15ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/themes/astra-child-paleomg/include/js/load-exec.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 2f22ada33ab08f30d4c13ef3f0f088eb45612d089693467e1196c88a458358a8

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984851
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Wed, 04 Dec 2019 14:02:10 GMT
server: cloudflare
etag: W/"5de7bc62-874"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 14:27:22 GMT
cache-control: max-age=2678400
cf-polished: origSize=2164
cf-ray: 57a99156180adfa5-FRA
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-27299094-1

Requested by

Host: paleomg.com
URL: https://paleomg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d014d65336bed3d85fcb0250c85454e00e3c9b0f21fc155372c8731f496de382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28643
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Mar 2020 13:48:13 GMT

GET
H2 200 skin1.css
paleomg.com/wp-content/plugins/simple-recipe-pro/css/skins/ 2 KB
743 B 20ms
20ms Stylesheet
text/css 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/plugins/simple-recipe-pro/css/skins/skin1.css
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 9acec9bbf365abaa5e650e14d3dc9150cf07408c9fb72ace5d0f1a81743aae88

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1646771
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Fri, 31 Jan 2020 13:06:24 GMT
server: cloudflare
etag: W/"5e342650-b33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 07 Apr 2020 12:22:02 GMT
cache-control: max-age=2678400
cf-polished: origSize=2867
cf-ray: 57a99156894ddfa5-FRA
cf-bgj: minify

GET
H2 200 ads.min.js Show response
ads.adthrive.com/sites/574f4c769b47b9d4315a5d6d/ 17 KB
3 KB 466ms
431ms Script
application/javascript 99.84.155.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/sites/574f4c769b47b9d4315a5d6d/ads.min.js?threshold=54
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-129.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ae563030be6d0ccd3f9b141d878569a8fa4ae6768ab6114ab34ea34f2caf0d7

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:14 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2020 14:06:07 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: JlkfB7dgA7Vn7JGYOkeYuMPTnvYtN0wM
status: 200
cache-control: max-age=3600
content-type: application/javascript
x-amz-cf-id: RWEbyhIz0qsXs1oTVw337K3HCrgI5DkRtQzZgfkC1M1-PTp9dI9vUg==
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)

GET
H2 200 woocommerce-smallscreen.min-2.1.1.css
paleomg.com/wp-content/cache/busting/1/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/ 6 KB
1 KB 14ms
13ms Stylesheet
text/css 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min-2.1.1.css
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: eb43e8f62a0a26affd917433d135eff06b5108ebff2045ab38d37b24e56c7365

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1646771
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
cf-bgj: minify
last-modified: Sat, 15 Feb 2020 07:00:15 GMT
server: cloudflare
etag: W/"5e4796ff-18d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
cf-ray: 57a99156ca01dfa5-FRA
expires: Tue, 07 Apr 2020 12:22:01 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62a7dffeb8158e97bf356edd0e0ced0c8bcdfce4d88ce22152c54e15f5e7e3b1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cf547ae99e538d5b1dac74dc2cc6f4c49c647c7d6010bbc199728aae3f87571

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af460fd7a4bfd27fd71257a54bf9824854c2920d95ba6a7e26cc20cd957e9ac8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72f2a78ef2d65d609b724dc340c8b850b16597ff4221ea789b5676df57c9d5db

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8daba673562081f9769b0eb2dd1303fa8844bd0b00be2c78714936806101ced

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f17f745142a47fe2595a89aa7b697b19ed9eed691131903faa4ce0ba3d972e5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bd25db4b989822d807ecc61e0d44337c34dedec6b0b61a2d9d9761f746befd2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6f939cea1c46e5479112edb0ff79a651079dcb8d81f28b16e61f22dbce6e26d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5734034b51582f245fc1346bf6e31448b86c3afa9ed6f1b6e2ea47763486d96

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c52fb9f4ecd9a025352647544a01c6f1206073d9dab3d44a753de6b34ea8ca1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6344ebc6b0202216ae61603e2253e0f1098ac93364d1681518a4346a0f589040

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40994c918b77f4a8ce6f0e61789e6275be07955d3fa8cf2ecf2172f8a2e74375

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 479acd9045d8a89cd3fc25f230e7f98da0cfaf0bb8089c26fa73962bf8070a0b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf40ddd9133a7446364eee1122f986469cd73178ce141c9537488b6a68f9f36b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4332baadf258338c077fabb9e6e2339b5c64876c8e7a483bed34840c0687de6d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 395a375f4a2df3ce8c94e35d7c1fa6a49389e67d9d5dbf8a9915d1a5207c71eb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbd1775fb3d794ab6b75d862edbc0b29f07e5cd24428d526d74c037cbf726a1b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d9efaeeca294a982e4e2af800db5437438858e5484096b0ddfc7160b89f568e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 643 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf9ff78a0cccb900bc93e3111b08be734ec7bdb52e0a2e17a727df34fc5d1f63

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqqKkkogw.woff2
fonts.gstatic.com/s/barlowsemicondensed/v5/ 14 KB
14 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowsemicondensed/v5/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqqKkkogw.woff2

Requested by

Host: paleomg.com
URL: https://paleomg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de9c061c382b3989f2b1f82963fba5e646aba5ea769226ae3fed994d45f9ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Barlow+Semi+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.2.5
Origin: https://paleomg.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 10:31:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Jul 2019 00:01:25 GMT
server: sffe
age: 2517397
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14136
x-xss-protection: 0
expires: Fri, 26 Feb 2021 10:31:36 GMT

GET
H2 200 BrandonGrotesque-Regular.woff2
paleomg.com/wp-content/uploads/2019/10/ 28 KB
28 KB 13ms
12ms Font
font/woff2 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/uploads/2019/10/BrandonGrotesque-Regular.woff2
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 2ba72b39b2f9dc97a987dffe00a3a289f5db89d0bf6630d0fa26f0920fbd811a

Request headers

Referer: https://paleomg.com/wp-content/cache/min/1/dd85889b42e3986db10aa0024b03ebf6.css
Origin: https://paleomg.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
cf-cache-status: HIT
age: 1595338
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
content-length: 28264
last-modified: Sat, 01 Feb 2020 03:36:50 GMT
server: cloudflare
etag: "5e34f252-6e68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 57a991571ac9dfa5-FRA
expires: Wed, 08 Apr 2020 02:39:15 GMT

GET
H2 200 fa-brands-400.woff2
paleomg.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 73 KB
73 KB 24ms
23ms Font
font/woff2 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473

Request headers

Referer: https://paleomg.com/wp-content/cache/min/1/dd85889b42e3986db10aa0024b03ebf6.css
Origin: https://paleomg.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
cf-cache-status: HIT
age: 1520798
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
content-length: 74508
last-modified: Sat, 01 Feb 2020 02:57:23 GMT
server: cloudflare
etag: "5e34e913-1230c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 57a991571acadfa5-FRA
expires: Wed, 08 Apr 2020 23:21:35 GMT

GET
H2 200 fa-solid-900.woff2
paleomg.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 74 KB
74 KB 14ms
13ms Font
font/woff2 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer: https://paleomg.com/wp-content/cache/min/1/dd85889b42e3986db10aa0024b03ebf6.css
Origin: https://paleomg.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
cf-cache-status: HIT
age: 1595338
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
content-length: 75440
last-modified: Sat, 01 Feb 2020 02:57:23 GMT
server: cloudflare
etag: "5e34e913-126b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 57a991571acbdfa5-FRA
expires: Wed, 08 Apr 2020 02:39:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-27299094-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4178
date: Fri, 27 Mar 2020 12:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Fri, 27 Mar 2020 14:38:35 GMT

GET
H2 200 style.min-2.1.1.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/themes/astra/assets/js/minified/ 10 KB
3 KB 18ms
15ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/themes/astra/assets/js/minified/style.min-2.1.1.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 7d9ff94a107be6d6187c01f4d5756e582a8eed27f324788cd77f6969a6a45953

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984849
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
cf-bgj: minify
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-2848"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-ray: 57a991578c17dfa5-FRA
expires: Fri, 03 Apr 2020 14:27:24 GMT

GET
H2 200 imagesloaded.min-3.2.0.js Show response
paleomg.com/wp-content/cache/busting/1/wp-includes/js/ 8 KB
2 KB 39ms
36ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-includes/js/imagesloaded.min-3.2.0.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 90fd527000fb01744f8fb320cf786d3ab2e37d2153b994160a0888dde3479d04

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1957963
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-1fb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 21:55:30 GMT
cache-control: max-age=2678400
cf-polished: origSize=8113
cf-ray: 57a991578c19dfa5-FRA
cf-bgj: minify

GET
H2 200 masonry.min-3.3.2.js Show response
paleomg.com/wp-content/cache/busting/1/wp-includes/js/ 28 KB
8 KB 18ms
14ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-includes/js/masonry.min-3.3.2.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: f7d8e2c1b5119acda80f2535fafe66cd32864be9372fbf0d0d3ec8aeefa39ae7

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984849
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-7119"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 14:27:24 GMT
cache-control: max-age=2678400
cf-polished: origSize=28953
cf-ray: 57a991578c20dfa5-FRA
cf-bgj: minify

GET
H2 200 jquery.masonry.min-3.1.2b.js Show response
paleomg.com/wp-content/cache/busting/1/wp-includes/js/jquery/ 2 KB
808 B 17ms
12ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-includes/js/jquery/jquery.masonry.min-3.1.2b.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 57107d803f4727297e60dcc98f85716a0fc1002f5643b8418282007d0105b7ce

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984849
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-71b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 14:27:24 GMT
cache-control: max-age=2678400
cf-polished: origSize=1819
cf-ray: 57a991578c24dfa5-FRA
cf-bgj: minify

GET
H2 200 jquery.blockUI.min-2.70.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
3 KB 19ms
14ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min-2.70.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 1b8c7dc99c30fe81b0377419931f00e563727ee2993c633c0142e6ffa1f84524

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984849
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-255e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 14:27:24 GMT
cache-control: max-age=2678400
cf-polished: origSize=9566
cf-ray: 57a991578c28dfa5-FRA
cf-bgj: minify

GET
H2 200 add-to-cart.min-3.9.1.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
981 B 17ms
11ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min-3.9.1.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 7b082daadd28b14604f37e9476dab0a901dbc19f82808056e27be8ca2af1fd98

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984849
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
cf-bgj: minify
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-ray: 57a991578c31dfa5-FRA
expires: Fri, 03 Apr 2020 14:27:24 GMT

GET
H2 200 js.cookie.min-2.1.4.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
1011 B 19ms
13ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min-2.1.4.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 9e485537874a69803cbf4152bcc65862807a717cbc0744180015b2c8d24ce983

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1646771
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-736"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 07 Apr 2020 12:22:02 GMT
cache-control: max-age=2678400
cf-polished: origSize=1846
cf-ray: 57a991578c32dfa5-FRA
cf-bgj: minify

GET
H2 200 woocommerce.min-3.9.1.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
731 B 17ms
12ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min-3.9.1.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 51792d876ad46401a206cb2ff927b6906e60ffec5e03676d6f4f4d92a33c3490

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1646771
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
cf-bgj: minify
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-7c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-ray: 57a991578c33dfa5-FRA
expires: Tue, 07 Apr 2020 12:22:02 GMT

GET
H2 200 cart-fragments.min-3.9.1.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1013 B 21ms
16ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min-3.9.1.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1646771
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
cf-bgj: minify
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-b7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-ray: 57a991578c36dfa5-FRA
expires: Tue, 07 Apr 2020 12:22:02 GMT

GET
H2 200 astra-addon-5e56bb8d017529-07005779-2.2.5.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/uploads/astra-addon/ 2 KB
904 B 20ms
15ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/uploads/astra-addon/astra-addon-5e56bb8d017529-07005779-2.2.5.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: a0d544de4c91c30690c6274fbe310631a1b98906f5aceab84d4f71ebec3de9ba

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 2553762
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
cf-bgj: minify
last-modified: Wed, 26 Feb 2020 18:40:15 GMT
server: cloudflare
etag: W/"5e56bb8f-98d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-ray: 57a991578c37dfa5-FRA
expires: Sat, 28 Mar 2020 00:25:31 GMT

GET
H2 200 script.min-6.62.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/layered-popups/js/ 49 KB
9 KB 19ms
15ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/layered-popups/js/script.min-6.62.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: d99cd5cb1caa432a75fd11005c52773334caa776cd03a727fd5178b6fb48d797

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1646771
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
cf-bgj: minify
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-c397"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-ray: 57a991578c3bdfa5-FRA
expires: Tue, 07 Apr 2020 12:22:02 GMT

GET
H2 200 wp-embed.min.js Show response
paleomg.com/wp-includes/js/ 1 KB
735 B 17ms
12ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-includes/js/wp-embed.min.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984849
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Mon, 14 Oct 2019 15:26:25 GMT
server: cloudflare
etag: W/"5da493a1-57b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-ray: 57a991578c40dfa5-FRA
expires: Fri, 03 Apr 2020 14:27:24 GMT

GET
H2 200 jquery.smartmenus.min-1.0.1.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
7 KB 23ms
17ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min-1.0.1.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 9334cdaf070f9ee65784c5448038092e73648a63bbcca70cc837df2534acdde4

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984849
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-6272"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 14:27:24 GMT
cache-control: max-age=2678400
cf-polished: origSize=25202
cf-ray: 57a991578c42dfa5-FRA
cf-bgj: minify

GET
H2 200 qligg.min-2.6.6.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/insta-gallery/assets/js/ 5 KB
2 KB 22ms
17ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/insta-gallery/assets/js/qligg.min-2.6.6.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: aeff035a5784ff0b87c5e989843e4b766e044f92ae07fe7fff32430a5d65dbf4

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1980583
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-12d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 15:38:30 GMT
cache-control: max-age=2678400
cf-polished: origSize=4819
cf-ray: 57a991578c44dfa5-FRA
cf-bgj: minify

GET
H2 200 jquery.magnific-popup.min-2.6.6.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/insta-gallery/assets/magnific-popup/ 20 KB
7 KB 23ms
18ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/insta-gallery/assets/magnific-popup/jquery.magnific-popup.min-2.6.6.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 40888936f3dc9567204785d9d55fdaf5506d753e25ed5e45f7bd199501a0b1db

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1980583
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-4efb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 15:38:30 GMT
cache-control: max-age=2678400
cf-polished: origSize=20219
cf-ray: 57a991578c45dfa5-FRA
cf-bgj: minify

GET
H2 200 frontend-modules.min-2.8.5.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor/assets/js/ 58 KB
16 KB 36ms
31ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor/assets/js/frontend-modules.min-2.8.5.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 6c2db6a6716af33e4c21c41360b1a3833e05a34156012c405177e1b6915fb838

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984849
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-e8e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 14:27:24 GMT
cache-control: max-age=2678400
cf-polished: origSize=59625
cf-ray: 57a991578c4adfa5-FRA
cf-bgj: minify

GET
H2 200 jquery.sticky.min-2.8.3.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor-pro/assets/lib/sticky/ 6 KB
2 KB 23ms
19ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min-2.8.3.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1646771
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
cf-bgj: minify
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-19c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-ray: 57a991578c4ddfa5-FRA
expires: Tue, 07 Apr 2020 12:22:02 GMT

GET
H2 200 frontend.min-2.8.3.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor-pro/assets/js/ 121 KB
21 KB 33ms
29ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor-pro/assets/js/frontend.min-2.8.3.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 697d1a7cef4a81a35b632004bc762e42389fafaaad5e5fddb5a2ff487bfd8015

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1646771
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-1e30f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 07 Apr 2020 12:22:02 GMT
cache-control: max-age=2678400
cf-polished: origSize=123663
cf-ray: 57a991578c4edfa5-FRA
cf-bgj: minify

GET
H2 200 position.min-1.11.4.js Show response
paleomg.com/wp-content/cache/busting/1/wp-includes/js/jquery/ui/ 6 KB
2 KB 21ms
17ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-includes/js/jquery/ui/position.min-1.11.4.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: ea8fe3a6fe54d0d4749ece5329abf3ff07b19cb603425cf6c5c8febe9ae138ad

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984849
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-197f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 14:27:24 GMT
cache-control: max-age=2678400
cf-polished: origSize=6527
cf-ray: 57a991578c51dfa5-FRA
cf-bgj: minify

GET
H2 200 dialog.min-4.7.3.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
3 KB 34ms
30ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor/assets/lib/dialog/dialog.min-4.7.3.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 80634677692d91186de362515b606efdefc6d36c755c1d350b974d5b8656cbc9

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1646771
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-29b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 07 Apr 2020 12:22:02 GMT
cache-control: max-age=2678400
cf-polished: origSize=10681
cf-ray: 57a991578c53dfa5-FRA
cf-bgj: minify

GET
H2 200 waypoints.min-4.0.2.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 19ms
15ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min-4.0.2.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984849
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
cf-bgj: minify
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-2fa6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-ray: 57a991578c55dfa5-FRA
expires: Fri, 03 Apr 2020 14:27:24 GMT

GET
H2 200 swiper.min-4.4.6.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor/assets/lib/swiper/ 122 KB
30 KB 26ms
22ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor/assets/lib/swiper/swiper.min-4.4.6.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: ec538ac959780a016c9ad8bb8160e9b31bbe2570a73a206ba4bbaa2ad5318208

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1698351
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-1ea8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Mon, 06 Apr 2020 22:02:22 GMT
cache-control: max-age=2678400
cf-polished: origSize=125578
cf-ray: 57a991578c57dfa5-FRA
cf-bgj: minify

GET
H2 200 frontend.min-2.8.5.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor/assets/js/ 92 KB
23 KB 32ms
28ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/elementor/assets/js/frontend.min-2.8.5.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: ac74553ab1e339940dc7b1813856122a764d8372275d91c23b21f80cee385023

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1646771
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: W/"5e478ada-1712c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 07 Apr 2020 12:22:02 GMT
cache-control: max-age=2678400
cf-polished: origSize=94508
cf-ray: 57a991578c5cdfa5-FRA
cf-bgj: minify

GET
H2 200 ads-6.62.js Show response
paleomg.com/wp-content/cache/busting/1/wp-content/plugins/layered-popups/js/ 19 B
142 B 34ms
30ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/cache/busting/1/wp-content/plugins/layered-popups/js/ads-6.62.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 8ca577e4b37f7a7d1197c5559b94958d3add0e32c2398a3ba380ae90d7c8060b

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
cf-cache-status: HIT
age: 1976878
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
content-length: 19
last-modified: Sat, 15 Feb 2020 06:08:26 GMT
server: cloudflare
etag: "5e478ada-16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Apr 2020 16:40:15 GMT
cache-control: max-age=2678400
cf-polished: origSize=22
accept-ranges: bytes
cf-ray: 57a991578c60dfa5-FRA
cf-bgj: minify

GET
H2 200 lazyload.min.js Show response
paleomg.com/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/ 5 KB
2 KB 22ms
18ms Script
application/javascript 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 1984849
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
last-modified: Fri, 31 Jan 2020 12:57:38 GMT
server: cloudflare
etag: W/"5e342442-15d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2678400
cf-ray: 57a991578c65dfa5-FRA
expires: Fri, 03 Apr 2020 14:27:24 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95f9141ed1e643ae87e9d43ad7d48ae83d0888a44555b9f49e2852a26249051e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 admin-ajax.php Show response
paleomg.com/wp-admin/ 3 KB
1 KB 435ms
434ms XHR
application/json 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paleomg.com/wp-admin/admin-ajax.php

Requested by

Host: paleomg.com
URL: https://paleomg.com/wp-content/cache/busting/1/wp-includes/js/jquery/jquery-1.12.4-wp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

16571bdbaa62bc0addca648c4cd1820bdbf4825184aadb1fea3bc3d5f845e7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://paleomg.com/
Origin: https://paleomg.com
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://paleomg.com
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 57a991581df6dfa5-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
paleomg.com/wp-admin/ 406 B
241 B 423ms
423ms XHR
text/html 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paleomg.com/wp-admin/admin-ajax.php

Requested by

Host: paleomg.com
URL: https://paleomg.com/wp-content/cache/busting/1/wp-includes/js/jquery/jquery-1.12.4-wp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

9647cff1fdeb978db6ef2b03a8f39e45f12b7fe689ab6c5a57a1bfd4e7058dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://paleomg.com/
Origin: https://paleomg.com
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://paleomg.com
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 57a991584e81dfa5-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 / Show response
paleomg.com/ 405 B
180 B 394ms
394ms XHR
text/html 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/?safe_mode&refresh_stars=0.521212144700512
Requested by: Host: paleomg.com
URL: https://paleomg.com/wp-content/cache/busting/1/wp-includes/js/jquery/jquery-1.12.4-wp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 643917ace551a5027e7bc9ac9c35fe1bee2c47da3fc6c86d87e15b5cdb118ec7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://paleomg.com/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: centminmod
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
x-rocket-nginx-serving-static: No
cf-ray: 57a991584e8adfa5-FRA

POST
H2 200 / Show response
paleomg.com/ 547 B
319 B 371ms
371ms XHR
application/json 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleomg.com/?wc-ajax=get_refreshed_fragments
Requested by: Host: paleomg.com
URL: https://paleomg.com/wp-content/cache/busting/1/wp-includes/js/jquery/jquery-1.12.4-wp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: b7ab658563182cbd6b2f0cd7707bac1b9b449520154fed95f0d6928446122868

Request headers

Accept: */*
Referer: https://paleomg.com/
Origin: https://paleomg.com
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: centminmod
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
status: 200
x-rocket-nginx-serving-static: No
cf-ray: 57a991585ec5dfa5-FRA

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=566660820&t=pageview&_s=1&dl=https%3A%2F%2Fpaleomg.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20PaleOMG&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27299094-1&cid=1716197016.1585316894&jid=682239826&_gid=778438698.1585316894&gjid=1290880395&_v=j81&z=53290933

35 B
102 B

16ms
16ms

Image
image/gif

2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27299094-1&cid=1716197016.1585316894&jid=682239826&_gid=778438698.1585316894&gjid=1290880395&_v=j81&z=53290933

Requested by

Host: paleomg.com
URL: https://paleomg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Fri, 27 Mar 2020 13:48:13 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:13 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27299094-1&cid=1716197016.1585316894&jid=682239826&_gid=778438698.1585316894&gjid=1290880395&_v=j81&z=53290933
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 416
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo.png
paleomg.com/wp-content/uploads/2019/10/ 7 KB
7 KB 16ms
15ms Image
image/png 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paleomg.com/wp-content/uploads/2019/10/logo.png
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 063494efe5db9677b188f187dea896a0a2d30f25cc3cdca94d8c57a165335d87

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
cf-cache-status: HIT
age: 1646770
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
content-length: 7317
last-modified: Sat, 01 Feb 2020 03:38:25 GMT
server: cloudflare
etag: "5e34f2b1-1c95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 57a991588f42dfa5-FRA
expires: Tue, 07 Apr 2020 12:22:03 GMT

GET
H2 200 1-750x1080.jpg
paleomg.com/wp-content/uploads/2020/02/ 50 KB
51 KB 16ms
15ms Image
image/jpeg 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paleomg.com/wp-content/uploads/2020/02/1-750x1080.jpg
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 69b1903d3ca709c14811fede9f4f74441ea462b162df65d1cbf2ee5ba387a507

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
cf-cache-status: HIT
age: 842346
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
content-length: 51640
last-modified: Mon, 03 Feb 2020 12:08:48 GMT
server: cloudflare
etag: "5e380d50-c9b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 57a991588f44dfa5-FRA
expires: Thu, 16 Apr 2020 19:49:07 GMT

GET
H2 200 EN0A0320-750x1100.jpg
paleomg.com/wp-content/uploads/2020/02/ 139 KB
139 KB 14ms
13ms Image
image/jpeg 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paleomg.com/wp-content/uploads/2020/02/EN0A0320-750x1100.jpg
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 4ccca45202b4e73ed11d9ffe0cfff5ff8ca69ce4d0eef703edc3795d1f4536d8

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
cf-cache-status: HIT
age: 800797
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
content-length: 142251
last-modified: Wed, 12 Feb 2020 20:10:04 GMT
server: cloudflare
etag: "5e445b9c-22bab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 57a991588f45dfa5-FRA
expires: Fri, 17 Apr 2020 07:21:36 GMT

GET
H2 200 EN0A0371-750x1100.jpg
paleomg.com/wp-content/uploads/2020/02/ 236 KB
237 KB 18ms
17ms Image
image/jpeg 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paleomg.com/wp-content/uploads/2020/02/EN0A0371-750x1100.jpg
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: bbded05e2a8beb545e8af4da910434bd3731a74c19b6658cb40d4941fc3ee93b

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
cf-cache-status: HIT
age: 817077
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
content-length: 241871
last-modified: Tue, 11 Feb 2020 23:33:30 GMT
server: cloudflare
etag: "5e4339ca-3b0cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 57a991588f46dfa5-FRA
expires: Fri, 17 Apr 2020 02:50:16 GMT

GET
H2 200 EN0A1773-2.jpg
paleomg.com/wp-content/uploads/2020/03/ 710 KB
711 KB 538ms
537ms Image
image/jpeg 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paleomg.com/wp-content/uploads/2020/03/EN0A1773-2.jpg
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 6b89c2c48e6942196637b3aa07419641bfa646dcf961af92d73d3f28e25fa2f7

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 13:48:14 GMT
cf-cache-status: MISS
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
content-length: 727398
last-modified: Fri, 27 Mar 2020 13:19:01 GMT
server: cloudflare
etag: "5e7dfd45-b1966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 57a991588f4cdfa5-FRA
expires: Sun, 26 Apr 2020 13:48:13 GMT

GET
H2 200 fd-photo-min.png
paleomg.com/wp-content/uploads/2019/10/ 107 KB
107 KB 23ms
23ms Image
image/png 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paleomg.com/wp-content/uploads/2019/10/fd-photo-min.png
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 910669ba88e39635abec79818e58c9b519c06730c336ff5befe1b38d12b7ee99

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
cf-cache-status: HIT
age: 2186046
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
content-length: 109531
last-modified: Sat, 01 Feb 2020 03:37:19 GMT
server: cloudflare
etag: "5e34f26f-1abdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 57a991588f4ddfa5-FRA
expires: Wed, 01 Apr 2020 06:34:07 GMT

GET
H2 200 lo-sidebar.png
paleomg.com/wp-content/uploads/2019/10/ 2 KB
2 KB 25ms
24ms Image
image/png 2606:4700:3036::681f:5b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paleomg.com/wp-content/uploads/2019/10/lo-sidebar.png
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5b56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 22e2d9b657abd4fb21794436118da9a1e7c2ba252ce865ff12f509fc2bc68c3b

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
cf-cache-status: HIT
age: 2186046
x-powered-by: centminmod
status: 200
x-rocket-nginx-serving-static: No
content-length: 2352
last-modified: Sat, 01 Feb 2020 03:33:45 GMT
server: cloudflare
etag: "5e34f199-930"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 57a991588f4fdfa5-FRA
expires: Wed, 01 Apr 2020 06:34:07 GMT

GET
H2 200 adthrive.min.js Show response
ads.adthrive.com/core/v1/js/ 237 KB
63 KB 21ms
21ms Script
application/javascript 99.84.155.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=54
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/574f4c769b47b9d4315a5d6d/ads.min.js?threshold=54
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-129.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c97bbcb44a6699c57fa8899e82852518358654e7ae21191c00b1c1753e6eb717

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:43:19 GMT
content-encoding: gzip
last-modified: Mon, 23 Mar 2020 17:53:05 GMT
server: AmazonS3
age: 295
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 6RjLTnO6PiuqbrGKJloEpWVYeSN5LLnQ
status: 200
cache-control: max-age=3600
x-amz-cf-pop: TXL52-C1
content-type: application/javascript
x-amz-cf-id: 1ZWewbAoxkfFxJlQdL1T6Q2kJ9zB9HYV_mIVxhvlnVJkBS9dRttq-w==
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)

GET
H2 200 cmp.bundle.js Show response
ads.adthrive.com/gdpr/cmp/ 139 KB
37 KB 17ms
17ms Script
application/javascript 99.84.155.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/gdpr/cmp/cmp.bundle.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=54
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-129.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3fcceed08354a98ddc23dedf5238e9abe6198a44b57344285e5587fbe55632e9

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 7q7nxrHKNgUxAxnP6HyPuZ.8MdjD2MZ.
content-encoding: gzip
last-modified: Wed, 23 Oct 2019 16:18:21 GMT
server: AmazonS3
age: 3228
date: Fri, 27 Mar 2020 12:54:26 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: 12_QSzbj9kjuybjJNXkLrTo3FeduwNsaIJoo-_gOIs6wkhpo9duD1w==
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 43 KB
14 KB 15ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

989e0f1e493bc96574d606d07c5ea20db5536e20a091f0237f7e4d8a71915f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "468 / 636 of 1000 / last-modified: 1585081375"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14458
x-xss-protection: 0
expires: Fri, 27 Mar 2020 13:48:13 GMT

GET
H2 200 prebid.min.js Show response
ads.adthrive.com/core/gdpr/vendor/prebid/ 275 KB
89 KB 20ms
19ms Script
application/javascript 99.84.155.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=54
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-129.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: adacda3005479f23f4daad15d5b245c163e3b97144724a1d44f621a3a56290ac

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:43:17 GMT
content-encoding: gzip
last-modified: Mon, 23 Mar 2020 17:53:05 GMT
server: AmazonS3
age: 297
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: NQOfNRUbINMo3Etpo6AQ3Wut7GXxTWee
status: 200
cache-control: max-age=3600
x-amz-cf-pop: TXL52-C1
content-type: application/javascript
x-amz-cf-id: -L33cGlhGMrqv0dMGZzcgSfi9DwJrXGSgfxl7JhGPg8cgZAhhnDYxQ==
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 19ms
17ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paleomg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 18ms
17ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paleomg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020030501.js Show response
securepubads.g.doubleclick.net/gpt/ 165 KB
60 KB 18ms
18ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065761

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

8ee04e0441c9e51785d17ac835a93cf4d30d90826f87350b42ba233496a26f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 61481
x-xss-protection: 0
expires: Fri, 27 Mar 2020 13:48:13 GMT

GET
H2 200 91211294_553108605310626_7574929171882699541_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/ 169 KB
170 KB 22ms
7ms Image
image/jpeg 2a03:2880:f22d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/91211294_553108605310626_7574929171882699541_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=1fcfQbzlr10AX8lz5gq&oh=bcda4349341193560f940b27108c62ef&oe=5EA7A12C
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5b1f7559ce195f182e7a58b2bd8ba3f72e98195509a46ef281848c4fee1aeec6

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 762084283
date: Fri, 27 Mar 2020 13:48:13 GMT, Fri, 27 Mar 2020 13:48:13 GMT
x-fb-trip-id: 780166575
last-modified: Fri, 27 Mar 2020 03:39:56 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 749533724
x-fb-config-version-olb-prod: 785
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 173235

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b4df79ccc28be4a4460f8a33f0893464e6931b63331eaf0cfe5e94ea01514fa

Request headers

Origin: https://paleomg.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: font/opentype;charset=utf-8

GET
H2 200 vendorlist.json Show response
ads.adthrive.com/gdpr/ 94 KB
18 KB 664ms
619ms Fetch
application/json 99.84.155.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/gdpr/vendorlist.json
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/gdpr/cmp/cmp.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-129.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: affa28efb0c6bb6f9bb296d2e171e38589f3534b5d39081577bbc0eb2cd7a0cc

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 13:48:15 GMT
content-encoding: gzip
last-modified: Thu, 12 Mar 2020 14:16:46 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
status: 200
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: qaJ5ilgwmd7yK3ISitD7Aybi3UcVc6cx
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Miss from cloudfront
content-type: application/json
x-amz-cf-id: NsqQHlL_lVYx1FEygA63ETilsAcJ34FGdp0aStFV6jDBTSaByoIfMw==
via: 1.1 8a8ce1b655547c1da36b64e17700f010.cloudfront.net (CloudFront)

GET
H2 200 event Show response
logger.adthrive.com/ 19 B
465 B 451ms
405ms XHR
application/json 99.84.155.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.adthrive.com/event?siteId=574f4c769b47b9d4315a5d6d&siteName=PaleOMG&bucket=gdpr&branch=master%20c2df853&threshold=54&message=AdThrive%3A%3Ainit%20started&body=%5B%5D
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=54
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-65.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e063443c9fc17b47a6c56347534058fd75e60bf5b6ff58cbfdc72472ecd93ab

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 13:48:15 GMT
via: 1.1 468db87750f18f9c88fefdcaa2347b8a.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront
status: 200
content-length: 19
last-modified: Tue, 28 Feb 2017 17:20:56 GMT
server: AmazonS3
etag: "30bfc97c194c30846355ddd7f4e77a41"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: dUAVPtkmgt6dhADLVmE6hb4eiKZR6OaJ0BmIqnVPDAIUg1yNv4RHzg==

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 23ms
23ms Script
application/x-javascript 2.16.105.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=54
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.105.54 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-105-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 27 Mar 2020 13:48:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sat, 28 Mar 2020 13:48:14 GMT

GET
H/1.1 200
OK wrap.js Show response
clarium.global.ssl.fastly.net/gpt/a/ 83 KB
28 KB 26ms
7ms Script
text/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=54
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 295b0b0e59d38337be9e51cf57843cd8a4d1194f900413eba413a724135f6581

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 27 Mar 2020 13:48:14 GMT
Via: 1.1 varnish
Server: nginx
Age: 294
X-Timer: S1585316894.107719,VS0,VE0
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript;charset=UTF-8
Cache-Control: private, max-age=900, stale-while-revalidate=3600
X-Cache-Hits: 184
Connection: keep-alive
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 28190
X-Served-By: cache-fra19160-FRA

GET
H2 200 error Show response
logger.adthrive.com/ 19 B
465 B 462ms
426ms XHR
application/json 99.84.155.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.adthrive.com/error?siteId=574f4c769b47b9d4315a5d6d&siteName=PaleOMG&bucket=gdpr&branch=master%20c2df853&threshold=54&message=VideoUtils%3A%3AgetPlacementElement&body=%5B%7B%22name%22%3A%22Error%22%2C%22message%22%3A%22PSNF%3A%20body.single%20does%20not%20exist%20on%20the%20page%22%2C%22stack%22%3A%22Error%3A%20PSNF%3A%20body.single%20does%20not%20exist%20on%20the%20page%5Cn%20%20%20%20at%20Function.e.getPlacementElement%20(https%3A%2F%2Fads.adthrive.com%2Fcore%2Fv1%2Fjs%2Fadthrive.min.js%3Fthreshold%3D54%3A15%3A193382)%5Cn%20%20%20%20at%20r._initializeAutoplayCollapsePlayer%20(https%3A%2F%2Fads.adthrive.com%2Fcore%2Fv1%2Fjs%2Fadthrive.min.js%3Fthreshold%3D54%3A15%3A218742)%5Cn%20%20%20%20at%20r._initializePlayers%20(https%3A%2F%2Fads.adthrive.com%2Fcore%2Fv1%2Fjs%2Fadthrive.min.js%3Fthreshold%3D54%3A15%3A214384)%5Cn%20%20%20%20at%20r.init%20(https%3A%2F%2Fads.adthrive.com%2Fcore%2Fv1%2Fjs%2Fadthrive.min.js%3Fthreshold%3D54%3A15%3A214055)%5Cn%20%20%20%20at%20r.init%20(https%3A%2F%2Fads.adthrive.com%2Fcore%2Fv1%2Fjs%2Fadthrive.min.js%3Fthreshold%3D54%3A15%3A62164)%5Cn%20%20%20%20at%20https%3A%2F%2Fads.adthrive.com%2Fcore%2Fv1%2Fjs%2Fadthrive.min.js%3Fthreshold%3D54%3A15%3A235053%5Cn%20%20%20%20at%20Array.forEach%20(%3Canonymous%3E)%5Cn%20%20%20%20at%20e.init%20(https%3A%2F%2Fads.adthrive.com%2Fcore%2Fv1%2Fjs%2Fadthrive.min.js%3Fthreshold%3D54%3A15%3A234995)%5Cn%20%20%20%20at%20e.init%20(https%3A%2F%2Fads.adthrive.com%2Fcore%2Fv1%2Fjs%2Fadthrive.min.js%3Fthreshold%3D54%3A15%3A62164)%5Cn%20%20%20%20at%20e.%3Canonymous%3E%20(https%3A%2F%2Fads.adthrive.com%2Fcore%2Fv1%2Fjs%2Fadthrive.min.js%3Fthreshold%3D54%3A15%3A239375)%22%7D%5D
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=54
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-65.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e063443c9fc17b47a6c56347534058fd75e60bf5b6ff58cbfdc72472ecd93ab

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 13:48:15 GMT
via: 1.1 468db87750f18f9c88fefdcaa2347b8a.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront
status: 200
content-length: 19
last-modified: Tue, 28 Feb 2017 17:19:12 GMT
server: AmazonS3
etag: "30bfc97c194c30846355ddd7f4e77a41"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: NSUWNbsWPiA5F-QmtmgW6Hy5ga2EKpsOP7LGv3sEpxBseU5OVZK2Jg==

GET
H2 200 ads.min.css
ads.adthrive.com/sites/574f4c769b47b9d4315a5d6d/ 1 KB
781 B 716ms
716ms Stylesheet
text/css 99.84.155.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/sites/574f4c769b47b9d4315a5d6d/ads.min.css
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=54
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-129.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccc670224e424e862792b15086aad72692b18691db1ee7aad673311fa2bac51f

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 27 Mar 2020 13:48:15 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2020 14:06:07 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: 5zFcBPjqGBgS.C3IReIp5bDfn3JunVJS
status: 200
cache-control: max-age=3600
content-type: text/css
x-amz-cf-id: PU9ahxyyi5ggA2Y_1bsBfCUJTibG_MZoZ4DjafiotFb6A0S7dRtdDw==
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_ucfr=0&ns__t=1585316894119&ns_c=UTF-8&cv=3.5&c8=Home%20-%20PaleOMG&c7=https%3A%2F%2Fpaleomg.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_ucfr=0&ns__t=1585316894119&ns_c=UTF-8&cv=3.5&c8=Home%20-%20PaleOMG&c7=https%3A%2F%2Fpaleomg.com%2F&c9=

0
248 B

28ms
28ms

Image
text/plain

2.16.105.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_ucfr=0&ns__t=1585316894119&ns_c=UTF-8&cv=3.5&c8=Home%20-%20PaleOMG&c7=https%3A%2F%2Fpaleomg.com%2F&c9=
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.105.54 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-105-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:14 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_ucfr=0&ns__t=1585316894119&ns_c=UTF-8&cv=3.5&c8=Home%20-%20PaleOMG&c7=https%3A%2F%2Fpaleomg.com%2F&c9=
Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:14 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 42 B
398 B 44ms
13ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.13.10 /
Resource Hash: 57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:26 GMT
Server: nginx/1.13.10
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 42
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 137 B
479 B 157ms
126ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.13.10 /
Resource Hash: 1de7109cf88809d1147254e999d83b9b8d5cb79b487b22eb4aefe3ce25409990

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:26 GMT
Server: nginx/1.13.10
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 137
Expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 138ms
107ms XHR
application/json 185.33.223.203
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

1c99fac19abe5e3063eb5631faa2c084f5dc3f8a788fbd94e3ae1949d7fb04a1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:26 GMT
X-Proxy-Origin: 83.97.23.30; 83.97.23.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid: c375ba27-f17d-4f56-ad2d-7a6d68c9624a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
262 B 68ms
20ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 27 Mar 2020 13:48:24 GMT
server: cloudflare
cf-ray: 57a9919b181d9c03-AMS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 941 B
1010 B 136ms
75ms XHR
application/json 34.247.95.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=g95nznmj&pi=2&gdprApplies=0&schain=1.0%2C1!cafemedia.com%2C574f4c769b47b9d4315a5d6d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpaleomg.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fpaleomg.com%2F&ns=9626&
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.95.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-95-233.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e0c963c53840c03fa7dbf0a571050fe0c8f3edb054b29015e72351547fd9dcac

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://paleomg.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 66ms
37ms XHR
application/json 185.33.223.203
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

d1d4ce1f4487d5124a6765ee0894e80b4108c091da1e52696d403b8d6df9d666

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:26 GMT
X-Proxy-Origin: 83.97.23.30; 83.97.23.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid: b499bad7-c469-42c8-a5a7-d71280193228
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 265 B
2 KB 100ms
65ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21552&site_id=289144&zone_id=1455410&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117%2C221&rp_schain=1.0,1!cafemedia.com,574f4c769b47b9d4315a5d6d,1,,,&rf=https%3A%2F%2Fpaleomg.com%2F&tk_flint=pbjs_lite_v3.6.0&x_source.tid=89c86722-8593-4602-bc4a-d0b2a5c991ff&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5866160342634414
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 8993752f584b211f124e48a8fc555c405d6426527e2e353ee2a61ab7fd0eda8f

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:24 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=4
Content-Length: 265
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
985 B 256ms
235ms XHR
application/json 95.101.185.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=185770&v=7.2&r=%7B%22id%22%3A%2217f55f074d678de%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221888b16a9d46688%22%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%2212_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2219a9b9cda8af3d5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%2212_2%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22203963c230d6eb5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%2212_3%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2221ad4daa7b2fdb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%2212_4%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2222eabed2fd21e11%22%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%2212_5%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpaleomg.com%2F%3F%23PD%3Adesktop%23Topic%3AFood%23Topic%3AClean%20Eating%23Topic%3AHealth%20and%20Fitness%23Topic%3ATravel%23Topic%3Aholent1%23Topic%3Aholmm1%23Topic%3Aholshp1%23Topic%3Athk1%23Topic%3Aholbk1%23Topic%3Abkf1%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%22574f4c769b47b9d4315a5d6d%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.185.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-185-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 36a7806d00adf644dc0cb904bf662e690bbb8382b7e0b5899737632788342e9b

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Fri, 27 Mar 2020 13:48:24 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
295 B 133ms
109ms XHR
application/json 2.21.37.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.179 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://paleomg.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 27 Mar 2020 13:48:24 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 47 B
720 B 115ms
88ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.6.0
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ef05446336abbed29bc35633a9b6495290ea63989695928bbb4d746fc07a8d7

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 27 Mar 2020 13:48:24 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://paleomg.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 65

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
473 B 107ms
85ms XHR
application/json 52.58.202.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.6.0&referrer=https%3A%2F%2Fpaleomg.com%2F&tmax=2400

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.202.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-202-213.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:24 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://paleomg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 270 B
2 KB 185ms
151ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881416&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117%2C221&rp_schain=1.0,1!cafemedia.com,574f4c769b47b9d4315a5d6d,1,,,&rf=https%3A%2F%2Fpaleomg.com%2F&tk_flint=pbjs_lite_v3.6.0&x_source.tid=89c86722-8593-4602-bc4a-d0b2a5c991ff&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.20711977995388064
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 0e01ba779095edf8cb6af15bd9da3622145744b4c5a687958082b6844dfc7cfc

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:24 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=340
Content-Length: 270
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
141 B 59ms
19ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=26&wv=3.6.0&cb=32969014668
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 27 Mar 2020 13:48:23 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://paleomg.com
timing-allow-origin: *
vary: Origin

GET
H2 200 arj Show response
cafemedia-d.openx.net/w/1.0/ 174 B
567 B 192ms
169ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpaleomg.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=89c86722-8593-4602-bc4a-d0b2a5c991ff&nocache=1585316904129&schain=1.0%2C1!cafemedia.com%2C574f4c769b47b9d4315a5d6d%2C1%2C%2C%2C&aus=728x90%2C320x50%2C970x90%2C300x50%2C320x100%2C468x60%2C1x1&divIds=AdThrive_Footer_1_desktop&auid=538699840&tps=c2Vucz0maGlfYXU9&
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.182.1 /
Resource Hash: 291db5576c9ded6d5cf6cd2d8bc35e4b18b02d8715ee6b610167f56006f4bdcd

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: gzip
server: OXGW/16.182.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://paleomg.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 185ms
147ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 27 Mar 2020 13:48:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://paleomg.com

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 137 B
479 B 155ms
131ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.13.10 /
Resource Hash: d4bf93c15b79b9222a388d4732df3749c1bd27a53ee059db1db50209771aa777

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:26 GMT
Server: nginx/1.13.10
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 137
Expires: 0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
295 B 66ms
56ms XHR
application/json 2.21.37.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.179 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://paleomg.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 27 Mar 2020 13:48:24 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 142 B
1 KB 89ms
59ms XHR
application/json 185.33.223.203
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2f408ba9ec65c6c3be1da500fc74c5c9a12d49356ce3fafb682a2300c4b0ed69

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:26 GMT
X-Proxy-Origin: 83.97.23.30; 83.97.23.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.72:80
AN-X-Request-Uuid: de940dbb-d4d4-4c32-bf25-bbbbd4d1b1e0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 25 KB
9 KB 137ms
108ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.6.0
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 947af2cc538c34dc77d0e494a141a7242c09ee5eddbe4a8476d1f644ae1c5930

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 27 Mar 2020 13:48:24 GMT
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap6ams1
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://paleomg.com
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
474 B 91ms
82ms XHR
application/json 52.58.202.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.6.0&referrer=https%3A%2F%2Fpaleomg.com%2F&tmax=2400

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.202.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-202-213.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:24 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://paleomg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 147ms
119ms XHR
application/json 185.33.223.203
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

1c96282835320ddbdcc4c6c3cb943e2b7d5a2b6cce61ab2f7068d099a66396ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:26 GMT
X-Proxy-Origin: 83.97.23.30; 83.97.23.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.40:80
AN-X-Request-Uuid: 8dfb5127-20f1-4720-82e6-20d5a43332c6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 134ms
106ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 27 Mar 2020 13:48:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://paleomg.com

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
985 B 249ms
233ms XHR
application/json 95.101.185.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=185787&v=7.2&r=%7B%22id%22%3A%22607dde70d3e9a74%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2261d511c2b17d882%22%2C%22ext%22%3A%7B%22siteID%22%3A%22185787%22%2C%22sid%22%3A%2227_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2262458cc5da8647d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22185787%22%2C%22sid%22%3A%2227_2%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22632e88bd7c2be49%22%2C%22ext%22%3A%7B%22siteID%22%3A%22185787%22%2C%22sid%22%3A%2227_3%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22641f29c0e85b1b8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22185787%22%2C%22sid%22%3A%2227_4%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2265381672136e2ea%22%2C%22ext%22%3A%7B%22siteID%22%3A%22185787%22%2C%22sid%22%3A%2227_5%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpaleomg.com%2F%3F%23PD%3Adesktop%23Topic%3AFood%23Topic%3AClean%20Eating%23Topic%3AHealth%20and%20Fitness%23Topic%3ATravel%23Topic%3Aholent1%23Topic%3Aholmm1%23Topic%3Aholshp1%23Topic%3Athk1%23Topic%3Aholbk1%23Topic%3Abkf1%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%22574f4c769b47b9d4315a5d6d%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.185.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-185-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc8258233bcf96e84b0515a545a05357cc8b13cbd1487339f2c0131632de35b3

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Fri, 27 Mar 2020 13:48:24 GMT

GET
H2 200 arj Show response
cafemedia-d.openx.net/w/1.0/ 174 B
371 B 195ms
184ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpaleomg.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=40095795-3c89-4ee4-b1bb-821f3018d074&nocache=1585316904142&schain=1.0%2C1!cafemedia.com%2C574f4c769b47b9d4315a5d6d%2C1%2C%2C%2C&aus=300x250%2C300x600%2C320x50%2C160x600%2C300x1050%2C300x50%2C320x100%2C250x250%2C120x240%2C1x1%2C300x420&divIds=AdThrive_Sidebar_1_desktop&auid=538699853&tps=c2Vucz0maGlfYXU9&
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.182.1 /
Resource Hash: 4411a4384267c53f10bd9a3e3d25457de6f6ad64a7347058e5a3867b4f0f3c96

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: gzip
server: OXGW/16.182.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://paleomg.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
32 B 46ms
20ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 27 Mar 2020 13:48:24 GMT
server: cloudflare
cf-ray: 57a9919b18219c03-AMS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 277 B
2 KB 177ms
136ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881440&size_id=15&alt_size_ids=9%2C10%2C14%2C43%2C44%2C54%2C117%2C221&rp_schain=1.0,1!cafemedia.com,574f4c769b47b9d4315a5d6d,1,,,&rf=https%3A%2F%2Fpaleomg.com%2F&tk_flint=pbjs_lite_v3.6.0&x_source.tid=40095795-3c89-4ee4-b1bb-821f3018d074&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.36024864632742326
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 4a0f2e8706dd009285af735ee68a4e164626f6c11f0b33e21a91c03022afdad1

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:24 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=324
Content-Length: 277
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
141 B 44ms
19ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=26&wv=3.6.0&cb=82372674415
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 27 Mar 2020 13:48:23 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://paleomg.com
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 266 B
2 KB 122ms
77ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21552&site_id=289144&zone_id=1455394&size_id=15&alt_size_ids=9%2C10%2C14%2C43%2C44%2C54%2C117%2C221&rp_schain=1.0,1!cafemedia.com,574f4c769b47b9d4315a5d6d,1,,,&rf=https%3A%2F%2Fpaleomg.com%2F&tk_flint=pbjs_lite_v3.6.0&x_source.tid=40095795-3c89-4ee4-b1bb-821f3018d074&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3816362541768843
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: c8ab19a7651ec971b6fbc4c0ad6381086b9709b80c92e26b61af4de5cccda6f0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:24 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=214
Content-Length: 266
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 137 B
479 B 124ms
123ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.13.10 /
Resource Hash: 9954d39643c0297bc304c7ace8dca87364967239844ae944949dab3be1cebd63

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:26 GMT
Server: nginx/1.13.10
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 137
Expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 266 B
1 KB 58ms
58ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21552&site_id=289144&zone_id=1455392&size_id=15&alt_size_ids=9%2C10%2C14%2C43%2C44%2C54%2C117%2C221&rp_schain=1.0,1!cafemedia.com,574f4c769b47b9d4315a5d6d,1,,,&rf=https%3A%2F%2Fpaleomg.com%2F&tk_flint=pbjs_lite_v3.6.0&x_source.tid=67040648-beb4-4ab0-8947-8a1f45fe77e5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.46152750806283027
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 9964907f4cd8ef26e3eb28c19186e00875aab9faaad2c6c567aae6045ee2218b

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:24 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=302
Content-Length: 266
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
33 B 19ms
19ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 27 Mar 2020 13:48:24 GMT
server: cloudflare
cf-ray: 57a9919b788d9c03-AMS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
141 B 18ms
18ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=26&wv=3.6.0&cb=71308134389
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 27 Mar 2020 13:48:23 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://paleomg.com
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
985 B 211ms
196ms XHR
application/json 95.101.185.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=185788&v=7.2&r=%7B%22id%22%3A%22890c88d3bfa3111%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2290b351caaf53b7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%2C%22sid%22%3A%2228_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2291eb1bd8a9853cf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%2C%22sid%22%3A%2228_2%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229201a206b3d0715%22%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%2C%22sid%22%3A%2228_3%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229396139cf9546f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22185788%22%2C%22sid%22%3A%2228_4%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpaleomg.com%2F%3F%23PD%3Adesktop%23Topic%3AFood%23Topic%3AClean%20Eating%23Topic%3AHealth%20and%20Fitness%23Topic%3ATravel%23Topic%3Aholent1%23Topic%3Aholmm1%23Topic%3Aholshp1%23Topic%3Athk1%23Topic%3Aholbk1%23Topic%3Abkf1%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%22574f4c769b47b9d4315a5d6d%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.185.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-185-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d2b06633f9caa52f89fab8a76882b20dd30103013b3160fad821b472791dd49b

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Fri, 27 Mar 2020 13:48:24 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 121ms
121ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 27 Mar 2020 13:48:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://paleomg.com

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 277 B
1 KB 164ms
126ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881454&size_id=15&alt_size_ids=9%2C10%2C14%2C43%2C44%2C54%2C117%2C221&rp_schain=1.0,1!cafemedia.com,574f4c769b47b9d4315a5d6d,1,,,&rf=https%3A%2F%2Fpaleomg.com%2F&tk_flint=pbjs_lite_v3.6.0&x_source.tid=67040648-beb4-4ab0-8947-8a1f45fe77e5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5474058746049189
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 0bd11ec4488f9663bd3a5e8492453901c1b7a332278c85bcfd86228c1658ef33

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:24 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=260
Content-Length: 277
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
360 B 69ms
69ms XHR
application/json 2.21.37.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.179 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://paleomg.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 27 Mar 2020 13:48:24 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
473 B 96ms
96ms XHR
application/json 52.58.202.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.6.0&referrer=https%3A%2F%2Fpaleomg.com%2F&tmax=2400

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.202.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-202-213.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:24 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://paleomg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 arj Show response
cafemedia-d.openx.net/w/1.0/ 174 B
367 B 178ms
178ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpaleomg.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=67040648-beb4-4ab0-8947-8a1f45fe77e5&nocache=1585316904230&schain=1.0%2C1!cafemedia.com%2C574f4c769b47b9d4315a5d6d%2C1%2C%2C%2C&aus=300x250%2C300x600%2C320x50%2C160x600%2C300x1050%2C300x50%2C320x100%2C250x250%2C120x240%2C1x1%2C300x420&divIds=AdThrive_Sidebar_2_desktop&auid=538699854&tps=c2Vucz0maGlfYXU9&
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.182.1 /
Resource Hash: b917c5ed9deeca6ae9c398ed6b31172666f80ea382d8944f7e227224ce5d9ffb

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: gzip
server: OXGW/16.182.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://paleomg.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 135ms
135ms XHR
application/json 185.33.223.203
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4a94415d6106b3d286738503ec065af4d8259e7ac3c0372340532f9cd4a4272f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:26 GMT
X-Proxy-Origin: 83.97.23.30; 83.97.23.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.80:80
AN-X-Request-Uuid: 1e6c30ca-a173-44d1-aab1-7b0762960f34
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 48 B
721 B 113ms
103ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.6.0
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 1758ec0e1eee8a45ff1098f973edfbc77270e3e51df6d60da27c6643f8f49ea9

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 27 Mar 2020 13:48:24 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://paleomg.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 66

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 134ms
134ms XHR
application/json 185.33.223.203
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c5f00cae378780ce01b7faaf047ccf2b1b6b000822d57927133b5c83e3df2212

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:26 GMT
X-Proxy-Origin: 83.97.23.30; 83.97.23.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.84:80
AN-X-Request-Uuid: baf49d4a-8954-42ba-9e9c-b4faf8a4b8f9
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://paleomg.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
5 KB 221ms
220ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1446888532636114&correlator=1084122211195937&output=ldjh&impl=fifs&adsid=NT&eid=21065761%2C21065390&vrg=2020030501&tfcd=0&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200327&iu_parts=18190176%2CAdThrive_Footer_1%2C574f4c769b47b9d4315a5d6d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C320x50%7C970x90%7C300x50%7C320x100%7C468x60%7C1x1&fluid=height&fsbs=1&prev_scp=location%3DFooter%26sequence%3D1%26id%3DAdThrive_Footer_1_desktop%26ATF%3Dtrue%26sticky%3Dtrue%26lazy%3Dfalse%26refresh%3D00%26nref%3D0&eri=5&cust_params=delivery%3Dcore%26siteId%3D574f4c769b47b9d4315a5d6d%26siteName%3DPaleOMG%26verticals%3DFood%252CClean%2520Eating%252CHealth%2520and%2520Fitness%252CTravel%26deal%3D%26abgroup%3Dhbho%253Asonobi_ebda%252Cvbho%253Aoff%252Crefauc%253A26s%252Cloglevel%253Aoff%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_districtm%253Aoff%252Cpbs2s_sovrn%253Aoff%252Cpbs2s_openx%253Aoff%252Cpbs2s_pubmatic%253Aoff%252Cpbs2s_rubicon%253Aoff%252Croxot%253Aoff%252Cto_initial%253A2400%252Cvscs%253Afalse%252Cauorder%253Asf%252Cdecref%253Aon%252Crebuildslot%253Aon%252Cdelivery%253Acore%26bucket%3Dgdpr%26sens%3D%26topics%3Dholent1%252Cholmm1%252Cholshp1%252Cthk1%252Cholbk1%252Cbkf1%26domain%3Dpaleomg.com%26hi_au%3Danimatedfooter%252Cexpandablefooter%252Cinterscroller%252Cminiscroller%252Cnativemobilecontent%252Cnativedesktopcontent%252Cnativedesktopsidebar%252Cnativedesktoprecipe%252Cnativemobilerecipe%252Coutstreamdesktop%252Coutstreammobile%26vpwxvph%3D1600x1200%26ri%3D3%26pvk%3D01E4E4059N3RNTZBFMBE25C13P%26sess%3D01E4E4059N4NQ8J1Z518N9VG1C%26branch%3Dmaster%2520c2df853%26deployment%3D126%26gptv%3D2020030501%26niet%3D4g%26utm_medium%3D(not%2520set)%26utm_campaign%3D(not%2520set)%26utm_session%3D(not%2520set)%26utm_source%3D(not%2520set)&cookie_enabled=1&bc=31&abxe=1&lmt=1585315157&dt=1585316904391&dlt=1585316893131&idt=870&frm=20&biw=1585&bih=1200&oid=3&adxs=429&adys=1110&adks=296308953&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fpaleomg.com%2F&dssz=75&icsg=3377699720527871&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x13459&msz=1585x-1&ga_vid=1591045637.1585316904&ga_sid=1585316904&ga_hid=566660820&fws=516&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

c425507a5ee5ac4874115caa2435a993badde1cf61478ae63c690e0d6b96ca16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5104
x-xss-protection: 0
google-lineitem-id: 5139771563
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138248453528
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://paleomg.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020030501.js Show response
securepubads.g.doubleclick.net/gpt/ 69 KB
25 KB 16ms
16ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js?21065761

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

ffdc18ac8f47bcd50dd9c33532c334e7073717a62b367d95b9cb1561048547dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 25689
x-xss-protection: 0
expires: Fri, 27 Mar 2020 13:48:24 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065761
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
4 KB 228ms
228ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1446888532636114&correlator=1200396044904637&output=ldjh&impl=fifs&adsid=NT&eid=21065761%2C21065390&vrg=2020030501&tfcd=0&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200327&iu_parts=18190176%2CAdThrive_Sidebar_1%2C574f4c769b47b9d4315a5d6d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x600%7C320x50%7C160x600%7C300x1050%7C300x50%7C320x100%7C250x250%7C120x240%7C1x1%7C300x420&fluid=height&fsbs=1&prev_scp=location%3DSidebar%26sequence%3D1%26id%3DAdThrive_Sidebar_1_desktop%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.04%26hb_adid%3D1150e6e30126de6e%26hb_bidder%3Dsovrn&eri=5&cust_params=delivery%3Dcore%26siteId%3D574f4c769b47b9d4315a5d6d%26siteName%3DPaleOMG%26verticals%3DFood%252CClean%2520Eating%252CHealth%2520and%2520Fitness%252CTravel%26deal%3D%26abgroup%3Dhbho%253Asonobi_ebda%252Cvbho%253Aoff%252Crefauc%253A26s%252Cloglevel%253Aoff%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_districtm%253Aoff%252Cpbs2s_sovrn%253Aoff%252Cpbs2s_openx%253Aoff%252Cpbs2s_pubmatic%253Aoff%252Cpbs2s_rubicon%253Aoff%252Croxot%253Aoff%252Cto_initial%253A2400%252Cvscs%253Afalse%252Cauorder%253Asf%252Cdecref%253Aon%252Crebuildslot%253Aon%252Cdelivery%253Acore%26bucket%3Dgdpr%26sens%3D%26topics%3Dholent1%252Cholmm1%252Cholshp1%252Cthk1%252Cholbk1%252Cbkf1%26domain%3Dpaleomg.com%26hi_au%3Danimatedfooter%252Cexpandablefooter%252Cinterscroller%252Cminiscroller%252Cnativemobilecontent%252Cnativedesktopcontent%252Cnativedesktopsidebar%252Cnativedesktoprecipe%252Cnativemobilerecipe%252Coutstreamdesktop%252Coutstreammobile%26vpwxvph%3D1600x1200%26ri%3D3%26pvk%3D01E4E4059N3RNTZBFMBE25C13P%26sess%3D01E4E4059N4NQ8J1Z518N9VG1C%26branch%3Dmaster%2520c2df853%26deployment%3D126%26gptv%3D2020030501%26niet%3D4g%26utm_medium%3D(not%2520set)%26utm_campaign%3D(not%2520set)%26utm_session%3D(not%2520set)%26utm_source%3D(not%2520set)&cookie_enabled=1&bc=31&abxe=1&lmt=1585315157&dt=1585316904407&dlt=1585316893131&idt=870&frm=20&biw=1585&bih=1200&oid=3&adxs=1071&adys=1444&adks=1073148925&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fpaleomg.com%2F&dssz=76&icsg=3377699720527871&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=297x1624&msz=300x250&ga_vid=1591045637.1585316904&ga_sid=1585316904&ga_hid=566660820&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

5a5027f3a100b94f1318545fddb02b34e33d15da01612826a2a04081fa4db41d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 4263
x-xss-protection: 0
google-lineitem-id: 4804303628
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138250648314
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://paleomg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
5 KB 213ms
213ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1446888532636114&correlator=2489799514060010&output=ldjh&impl=fifs&adsid=NT&eid=21065761%2C21065390&vrg=2020030501&tfcd=0&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200327&iu_parts=18190176%2CAdThrive_Sidebar_2%2C574f4c769b47b9d4315a5d6d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x600%7C320x50%7C160x600%7C300x1050%7C300x50%7C320x100%7C250x250%7C120x240%7C1x1%7C300x420&fluid=height&fsbs=1&prev_scp=location%3DSidebar%26sequence%3D2%26id%3DAdThrive_Sidebar_2_desktop%26lazy%3Dfalse%26refresh%3D00%26nref%3D0&eri=5&cust_params=delivery%3Dcore%26siteId%3D574f4c769b47b9d4315a5d6d%26siteName%3DPaleOMG%26verticals%3DFood%252CClean%2520Eating%252CHealth%2520and%2520Fitness%252CTravel%26deal%3D%26abgroup%3Dhbho%253Asonobi_ebda%252Cvbho%253Aoff%252Crefauc%253A26s%252Cloglevel%253Aoff%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_districtm%253Aoff%252Cpbs2s_sovrn%253Aoff%252Cpbs2s_openx%253Aoff%252Cpbs2s_pubmatic%253Aoff%252Cpbs2s_rubicon%253Aoff%252Croxot%253Aoff%252Cto_initial%253A2400%252Cvscs%253Afalse%252Cauorder%253Asf%252Cdecref%253Aon%252Crebuildslot%253Aon%252Cdelivery%253Acore%26bucket%3Dgdpr%26sens%3D%26topics%3Dholent1%252Cholmm1%252Cholshp1%252Cthk1%252Cholbk1%252Cbkf1%26domain%3Dpaleomg.com%26hi_au%3Danimatedfooter%252Cexpandablefooter%252Cinterscroller%252Cminiscroller%252Cnativemobilecontent%252Cnativedesktopcontent%252Cnativedesktopsidebar%252Cnativedesktoprecipe%252Cnativemobilerecipe%252Coutstreamdesktop%252Coutstreammobile%26vpwxvph%3D1600x1200%26ri%3D3%26pvk%3D01E4E4059N3RNTZBFMBE25C13P%26sess%3D01E4E4059N4NQ8J1Z518N9VG1C%26branch%3Dmaster%2520c2df853%26deployment%3D126%26gptv%3D2020030501%26niet%3D4g%26utm_medium%3D(not%2520set)%26utm_campaign%3D(not%2520set)%26utm_session%3D(not%2520set)%26utm_source%3D(not%2520set)&cookie_enabled=1&bc=31&abxe=1&lmt=1585315157&dt=1585316904443&dlt=1585316893131&idt=870&frm=20&biw=1585&bih=1200&oid=3&adxs=1071&adys=2438&adks=4075714528&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fpaleomg.com%2F&dssz=76&icsg=3377699720527871&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=297x1894&msz=300x250&ga_vid=1591045637.1585316904&ga_sid=1585316904&ga_hid=566660820&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

2d5bf97cfa0c407e56135f1b87a9c0bc1e389b8bb9db709c7ec7e0cf3eddf37f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5044
x-xss-protection: 0
google-lineitem-id: 5139771563
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234805166
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://paleomg.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ Frame 3B71 200 KB
55 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2701
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55811
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "789295de90cb321e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:23 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ Frame 3B71 200 KB
55 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2701
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55811
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "789295de90cb321e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:23 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003101714470/v0/ Frame 3B71 92 KB
28 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/v0/amp-analytics-0.1.js

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2706
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28328
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f4788313c10056ed"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:18 GMT

GET
DATA 200
OK truncated
/ Frame 3B71 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc47087b93472c0c75f7830652611523322318a5204cafb03f61324c9eeb925d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ 20 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2b0d171a4179bf00898c430c1c15464e528aff5762fc70a5d02184834c82eff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2700
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 7178
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9d3d923337ef7e9b"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:24 GMT

GET
H2 200 15842465133016810807
tpc.googlesyndication.com/simgad/ Frame 3B71 43 B
167 B 7ms
7ms Image
image/gif 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15842465133016810807

Requested by

Host: paleomg.com
URL: https://paleomg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 05 Feb 2020 05:14:58 GMT
x-content-type-options: nosniff
age: 4437206
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Wed, 30 May 2018 18:01:52 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Feb 2021 05:14:58 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 19ms
18ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020030501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js?21065761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c40a818f39f56145bd1ea87bec8dfbc39c3fbbf4ce40c595383343b27905da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5167
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
clarium.global.ssl.fastly.net/ Frame 04BC 40 KB
13 KB 10ms
10ms Script
text/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/?wrapper=mOinGM9MTu5v-Lto835XLhlrSPY&tpid=bU9pbkdNOU1UdTV2LUx0bzgzNVhMaGxyU1BZL3NvdnJuOjMwMHg2MDA%3D&v=v2lgcycid&d=eyJ3aCI6ImJVOXBia2ROT1UxVWRUVjJMVXgwYnpnek5WaE1hR3h5VTFCWkwzTnZkbkp1T2pNd01IZzJNREE9Iiwid2QiOnsiay5oYl9iaWRkZXIiOiJzb3ZybiIsImsuaGJfc2l6ZSI6IjMwMHg2MDAifSwid3IiOjd9
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cceecffd814c897c8028f26df881a4786caf6337f060dcab303951b9473412a9

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 27 Mar 2020 13:48:24 GMT
Content-Encoding: gzip
Age: 233
X-Cache-Status: hit
X-Cache: HIT
Connection: keep-alive
Content-Length: 13225
Via: 1.1 varnish
X-Served-By: cache-fra19160-FRA
Server: nginx
X-Timer: S1585316905.654117,VS0,VE1
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2e60d0a77f1d63a9fd3b21fbb9d21345a61dc43d6c9b749e45753c5d993a6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585165059237800"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28015
x-xss-protection: 0
expires: Fri, 27 Mar 2020 13:48:24 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ Frame FE3C 200 KB
55 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2701
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55811
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "789295de90cb321e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:23 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ Frame FE3C 200 KB
55 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2701
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55811
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "789295de90cb321e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:23 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003101714470/v0/ Frame FE3C 92 KB
28 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/v0/amp-analytics-0.1.js

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2706
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28328
x-xss-protection: 0
server: sffe
date: Fri, 27 Mar 2020 13:03:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f4788313c10056ed"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 13:03:18 GMT

GET
H2 200 15842465133016810807
tpc.googlesyndication.com/simgad/ Frame FE3C 43 B
105 B 6ms
5ms Image
image/gif 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15842465133016810807

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 05 Feb 2020 05:14:58 GMT
x-content-type-options: nosniff
age: 4437206
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Wed, 30 May 2018 18:01:52 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Feb 2021 05:14:58 GMT

GET
DATA 200
OK truncated
/ Frame FE3C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa0a61954689d4085cea992d0367a9854fe0b0cb0d63786f87131d4c51363da

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame FE3C 0
305 B 31ms
31ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstX_KSxyAX0W7B87rItHV1QH4eC07J7Q95ZAFOf2lJmjPKJys0pfhMoVMgT3hDt9ivwNz5ZyU642z_tORy1oeCTVoiqDJmgj23VPVnVM7LSly7POV2EBq6D7mNiTGtiEYnc_jvDC6fqrPNOel2R2XeAifK7tuYqwTMR2C4CMFx9OJhJedDa5uzpVP_43cskQMglbE2cCr-EHQlXrQqTQ6PndsSTIr-ntRfPdvASOP1LfrM05wrXqCTIfto9TjoAYQWHng2Qp7mRMmgTBrLDx0PzqMWCaZQ4-Tl9iO79qNwCWQ&sai=AMfl-YRPb3bYTeMXlzUraF615Z3z5MKJQ_1Ht9UDy6dojsv4E3abBpsKiXewroAaMhbHAOarNxWuWwazx72xXQ6JMWdrRP7jZ4aNtSfJuOwr&sig=Cg0ArKJSzHx0ey6UbAI2EAE&adurl=

Requested by

Host: paleomg.com
URL: https://paleomg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 13:48:24 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 27 Mar 2020 13:48:24 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js?21065761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Fri, 27 Mar 2020 13:48:24 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 04BC 0
0 19ms
19ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIUBvYsqAdvQG5CLHliuQvi9mhWX4bboStNm2I1OhSoF353meOibFS3plZ0TMneJKFynl0Po8PHklva4tJEVSX56m9hGpJ4P_NBZqSQCIuAhGZy-Tsf0Oj90FCQxzZ-qK9NBEMSExS9uO6Lgh-Aj-PeH2q1SfSQaYleUFOXBTIeiRnX8EZWKxAencREF9MqXMVCDlMVWRwf06p4wqsM6YfHiLMYeCC8iXmDN00TAZvhFH2pApmX24KOUNMQTkpFO2HlWsna453re49CNzrpBDOTGQOzXhPOo_gnBX4KVbsqIS_&sai=AMfl-YR7qWsnpwA9TFiiG3nJ6wSki45JR5XxZ9VGm2tSwwBTCD1xObEvYPSMltThzEzWf2FAQfX4X0MExMH1gJaS273OsQCnH01fHprPNyQ0iQ&sig=Cg0ArKJSzHaVFJR2cDkREAE&urlfix=1&adurl=

Requested by

Host: paleomg.com
URL: https://paleomg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Fri, 27 Mar 2020 13:48:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 7E50 0
0 23ms
23ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC8yvoBGOXbjFEwAQ&v=APEucNW2vH5UcA3lDhSaEDy_Bv1lTqzv5ZzCbhrDL6k7lFheAnbupHX42H3TjbqDA-Igsbqsp_3sgms4-AqHZt-iFf7IrEWrIQ

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=mOinGM9MTu5v-Lto835XLhlrSPY&tpid=bU9pbkdNOU1UdTV2LUx0bzgzNVhMaGxyU1BZL3NvdnJuOjMwMHg2MDA%3D&v=v2lgcycid&d=eyJ3aCI6ImJVOXBia2ROT1UxVWRUVjJMVXgwYnpnek5WaE1hR3h5VTFCWkwzTnZkbkp1T2pNd01IZzJNREE9Iiwid2QiOnsiay5oYl9iaWRkZXIiOiJzb3ZybiIsImsuaGJfc2l6ZSI6IjMwMHg2MDAifSwid3IiOjd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMKPFhC8yvoBGOXbjFEwAQ&v=APEucNW2vH5UcA3lDhSaEDy_Bv1lTqzv5ZzCbhrDL6k7lFheAnbupHX42H3TjbqDA-Igsbqsp_3sgms4-AqHZt-iFf7IrEWrIQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://paleomg.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk0n-RyA_T27lv6z02m7XiVKt-CnDGreJn5Wg7pSJCWTNCx8E2GbTbD-M2e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://paleomg.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 27 Mar 2020 13:48:24 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 04BC 45 KB
20 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bcw2TsK6KF-wF-byErpBgIXUwicWCPmRt18osgVTq018bqUHtPV6LQcjDixUuP32U0dhkmtq8v63Y0MZKnjbByYddL3w&dbm_d=AKAmf-BDYhTDxxwxv3dm6gJer2SRbdmkbOhRd_hc1lK3_fz-O3tNpxby3I4jLQSrpmuE9IDil64iwnxMzmXKoaNfJ7z0A_yTOiaNRwXmqzPQaogV9cnl_mulpFADBKh0zBhhb5LK3zPYm-LiegvdoHm3RP5yUWTvswnALLVPpu6FTrTaLYWrHrCMR9kf1v0BHpqWUt6heVluYMyHgdH1VizyjO2ujOceqxelmhcQHUbGh_D8Fvt-UqaoL-4NRK-WGyIzzOx8x8jmgBMoRLGyqNdN1-cctCCszv4eW8GLDeN1xXb_LbTYVKOCZBgdNkdVqO8LWwp9nBigStGiOVihprthN3OiFxLBtByvS30jZXmOJ00dmlGItaYtvryTIhBw85xbG1A-GMLOecB5nR3DhEZdAoLgl4oFECpjuqoIpnB0PmJ9RrqQYoUydobhI8oTvikup4oBVgACtZ0k6apTmeronDvUfO75hniSbbn4sVi3NXJdooh3ovVOfeJWOY_qWJ-UXdwBtl8vClTbOp8VMfysBJD4e2WOLw9n0AOwX2qvf0-JJz0iq5pJ3EU6QNfSH7vBspTV_8T8peGRsbsFF0Z2qBgIjyqD9MuLoWEnmlaeqXj5VBG3t5Tv-b9Yl45VVpnTVVQpxhso09L4-hNLgWq56IMGPTlMPZMnC3e2Bc-KSvyZ9yAjALd93xUUM-yzvg9-0OQk3m8XayuD2IWGpNX8uL5jYnarw0ANFddLEePFXTfgJU1WWlLQC4Mqo5ERVw01j5MetJyvwE9bJGUiGuo-lrlLrX9H15FEj3jbyl2t-nJR-F-qczcFJOHUs6gPGMvdZCnJXLLdiDWWl8-VeSdUUeFyoLI2c6YpXKbC4svbAx4CVI3ptH3sHiAeyp-OJ6ir56U-zGg9OL6bIkJqnimfWPbF29oyqBswBjNNyt8zUPldNLNgQnKEYY8EhX8dy-EmHOxcl6S924AevFqV8IzLBfRtb_54NX7o87O7Q2sSnKxZS-vu2WL5----6Ft0sFYsFMKjSBE5jI-pSGax9SzovKmwiLZ9crbSt41JostQDsP-2thWVurDAMv5EwO9j_wpdcMh93ZzI5m04IcoSu_SShgfBtllNBfmuBwZ4f84IJN3ZqaYYMXZNaX7fUqeg5UK-OpZ5Er_4CfxCWNEduySPJHgLitSwwX4IhoR6UvupncOaoDwZrmKboUEwyVGxrxNKjmJVy-0QV6TQYpR3U67Io49ekPjFu3g4CB9MSlq94qnPysJEX6_a-kt2lXZvC002pmmBL0U0TGv1PnQgAaDdcNgplZwueq7qj0lPTS0PBh13usdlS_7if9EwNLBkeFtsWIw9sxQdWzW0MPRr8Z2YIQ0tH6oVvM2hjNQDg483Xee3Aq5Ml22ZWDlVUyq4OGZUIFpdfPAljprRyUJdgE27hgX_be9h5mf0bcgE62Nz_ZzgPgHoRCHXBoEPANZSd_kdBoh60LPxSDwBciyC10dRwMkhD_uWLtv2FSzuKEC2F1Cfuj3Z17rewdl0KdeVOt9vgwTt94EwsYzO5prd7EmikX3aYxf62Bfe9tP3n6fvzVVIbBJpYMFDS9Lz10OrZumiyGxmffAwNOl_GkaDQi0qaar5RZbEe7AH7_E7ItkCV4A2kTctGaEKWFiNhdbOefL0QmpqzRoKHyWSw2ciBA3sKnW5l6AnC7ec5CwLBqBfpMpcTPR1fh3dPFqr1Ells6sbpriNeO-wx67L_Ry8dFfgupEcwJfrTdIHgUkJlpNdHB24CzYoBnw92FflIXsnksxxL48ie1349iVLLbwZfhUw7qyBbx_rMvkIdoAdY8OzAgoIGk-GsVsMJ-5JHfV91RrJfqOoP2IGqMvg2woRoKbB82BnJl5aps22V7Sl7SZOduBOs4B2DUCvo4nreHyVoYDvrpYtyf8vYdk0QkrQNaG1-2VXCAEQNfFYri3i7YkeAFR02CspfTf8QthR-yb6emLO3JlPc18tERgjiKKG_8iR2VIuu5Z4rORihuHT4NvjA0pwqStzj-I_Hco8SQcszOC_XUZTPvnwt0GgGt_acWWQVNjsgH5eACFbYIjB3lEGkjMWp_LQz0q3O4Pvet_sb8url4_jqo7Lbj9ZFcCKlfbEUO2l5fCq4S_OZ2wQBB__LAFxyje5ZFtok7HMqlKyOlS-1sIPC3FXjkk0sumw02mNQugAMtNT86urLEv-psntV3n1AvURM1jWpXq82PqEEvO0Y2B7ngj3h8XEIHRxRzS8g-h4K-knN9jed1S6aZH65-P_P5Ol3Kvv2FJUa3c1c7zmrhbkcWwnPou6I3Gnh1C_2SbUjrBWC5halAPyrGdNWlm21zhy6Ml6omtlYtx3K-TXPMWNx6pq_9pwhp-CkwVvjrUHJwX2nLjj_fRz5vPLN-xAQmi1E9BL3mJmHFSQef16Evyp1e-vtAQC1MaWDUAmpxv0KJIqZ4ghLr5eU00FFbNqqe-etY30Deb6KLrkt3GbQOZgLV8olrqmVBMJUpe74Kb8eCIb6n9-SOOCXFsGYx3wqTT6kYXtQutzfVDxNaUn8W9t8aFBWAAWluD9YkryiY0hvlhjgbOC6nOUMBcjEXlvbjsBbVVQXDJTUhsI5LiD7AJJf9n&pr=30:0.059117&cid=CAASBORo1eA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e7cf023a733ede7b7f2978833440d87027d41cadec42e2243d299b47f208e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 19989
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04BC 42 B
109 B 17ms
16ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ASUSzOkHkd7LYJqfWD0mjwsuy85boDUvdRkImed-RwnnRn5Ly-dbN6zbOExk7OS6cU7KfkDLs4LIyknysag3T2SULk3Nh5FT-3CY9R-zbhE988tcc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:24 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK impression
vap6ams1.lijit.com/rtb/ Frame 04BC 43 B
567 B 56ms
22ms Image
image/gif 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap6ams1.lijit.com/rtb/impression?bannerid=69987&campaignid=1673&rtb_tid=8bef8b4b-3c1d-4374-a221-b7016aa8ed5a&rpid=23&seatid=362434&zoneid=571547&cb=84653071&tid=a_571547_c96d2cf42afc44c5a3e0696aed51129e
Requested by: Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=mOinGM9MTu5v-Lto835XLhlrSPY&tpid=bU9pbkdNOU1UdTV2LUx0bzgzNVhMaGxyU1BZL3NvdnJuOjMwMHg2MDA%3D&v=v2lgcycid&d=eyJ3aCI6ImJVOXBia2ROT1UxVWRUVjJMVXgwYnpnek5WaE1hR3h5VTFCWkwzTnZkbkp1T2pNd01IZzJNREE9Iiwid2QiOnsiay5oYl9iaWRkZXIiOiJzb3ZybiIsImsuaGJfc2l6ZSI6IjMwMHg2MDAifSwid3IiOjd9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04BC 74 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

458860ce8b256b66b223ed10f813b32a012b91698bd98867374cfb24da8ce172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585165059237800"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28264
x-xss-protection: 0
expires: Fri, 27 Mar 2020 13:48:24 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame DC4A 0
0 6ms
6ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://paleomg.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://paleomg.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 27 Mar 2020 13:35:35 GMT
expires: Sat, 27 Mar 2021 13:35:35 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 769
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3B71 0
57 B 20ms
19ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv768YBUR7SlLEnNNq6biOfvqa9LweBgnKZypiQv4qMoxpaC6TmdfNBQ31KrDLXv204FunmFv7ouflVEe4Vg81BZdceU9mo3e9ck5YHtQHC3OReNWFxdTxso43G_YpnQak_-WkcW0fLN1qW0htRtz084DfoF_chyb9Xa69HYBuXBD2txuyyIoeM0FJ4F456UQ6tMeO6FXNBUA6e_5u6mM-kUOhqXfKwwQ1JoSOXyLedLX-pqLzGvSi2AqTu257rNKXt2CutdbE_R_N6Yyyud24bFZv-Ou2Xep_TtvS7aDo-&sai=AMfl-YS2CxPmNrz3NMCZiT7YUiKpfdTk2GhumZVwcBfmrhXX7wYUlLrwWzXDNkv3l7dqwoEjqpx0gjuwQtSQSoGIPAXbguH3ET2lKaytY0qK&sig=Cg0ArKJSzGwlHqI-ZwNwEAE&adurl=&cbvp=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 13:48:24 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 15842465133016810807
tpc.googlesyndication.com/simgad/ Frame 3B71 43 B
106 B 6ms
6ms Image
image/gif 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15842465133016810807

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 05 Feb 2020 05:14:58 GMT
x-content-type-options: nosniff
age: 4437206
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Wed, 30 May 2018 18:01:52 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Feb 2021 05:14:58 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20200324/r20110914/ Frame 04BC 21 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200324/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16071c1b3382b5375f716314061201e529e7795554329a760582c43139f3536b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 14:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 8409
x-xss-protection: 0
server: cafe
etag: 13256447394473194051
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Apr 2020 14:53:13 GMT

GET
H2 200 lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04BC 75 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bcw2TsK6KF-wF-byErpBgIXUwicWCPmRt18osgVTq018bqUHtPV6LQcjDixUuP32U0dhkmtq8v63Y0MZKnjbByYddL3w&dbm_d=AKAmf-BDYhTDxxwxv3dm6gJer2SRbdmkbOhRd_hc1lK3_fz-O3tNpxby3I4jLQSrpmuE9IDil64iwnxMzmXKoaNfJ7z0A_yTOiaNRwXmqzPQaogV9cnl_mulpFADBKh0zBhhb5LK3zPYm-LiegvdoHm3RP5yUWTvswnALLVPpu6FTrTaLYWrHrCMR9kf1v0BHpqWUt6heVluYMyHgdH1VizyjO2ujOceqxelmhcQHUbGh_D8Fvt-UqaoL-4NRK-WGyIzzOx8x8jmgBMoRLGyqNdN1-cctCCszv4eW8GLDeN1xXb_LbTYVKOCZBgdNkdVqO8LWwp9nBigStGiOVihprthN3OiFxLBtByvS30jZXmOJ00dmlGItaYtvryTIhBw85xbG1A-GMLOecB5nR3DhEZdAoLgl4oFECpjuqoIpnB0PmJ9RrqQYoUydobhI8oTvikup4oBVgACtZ0k6apTmeronDvUfO75hniSbbn4sVi3NXJdooh3ovVOfeJWOY_qWJ-UXdwBtl8vClTbOp8VMfysBJD4e2WOLw9n0AOwX2qvf0-JJz0iq5pJ3EU6QNfSH7vBspTV_8T8peGRsbsFF0Z2qBgIjyqD9MuLoWEnmlaeqXj5VBG3t5Tv-b9Yl45VVpnTVVQpxhso09L4-hNLgWq56IMGPTlMPZMnC3e2Bc-KSvyZ9yAjALd93xUUM-yzvg9-0OQk3m8XayuD2IWGpNX8uL5jYnarw0ANFddLEePFXTfgJU1WWlLQC4Mqo5ERVw01j5MetJyvwE9bJGUiGuo-lrlLrX9H15FEj3jbyl2t-nJR-F-qczcFJOHUs6gPGMvdZCnJXLLdiDWWl8-VeSdUUeFyoLI2c6YpXKbC4svbAx4CVI3ptH3sHiAeyp-OJ6ir56U-zGg9OL6bIkJqnimfWPbF29oyqBswBjNNyt8zUPldNLNgQnKEYY8EhX8dy-EmHOxcl6S924AevFqV8IzLBfRtb_54NX7o87O7Q2sSnKxZS-vu2WL5----6Ft0sFYsFMKjSBE5jI-pSGax9SzovKmwiLZ9crbSt41JostQDsP-2thWVurDAMv5EwO9j_wpdcMh93ZzI5m04IcoSu_SShgfBtllNBfmuBwZ4f84IJN3ZqaYYMXZNaX7fUqeg5UK-OpZ5Er_4CfxCWNEduySPJHgLitSwwX4IhoR6UvupncOaoDwZrmKboUEwyVGxrxNKjmJVy-0QV6TQYpR3U67Io49ekPjFu3g4CB9MSlq94qnPysJEX6_a-kt2lXZvC002pmmBL0U0TGv1PnQgAaDdcNgplZwueq7qj0lPTS0PBh13usdlS_7if9EwNLBkeFtsWIw9sxQdWzW0MPRr8Z2YIQ0tH6oVvM2hjNQDg483Xee3Aq5Ml22ZWDlVUyq4OGZUIFpdfPAljprRyUJdgE27hgX_be9h5mf0bcgE62Nz_ZzgPgHoRCHXBoEPANZSd_kdBoh60LPxSDwBciyC10dRwMkhD_uWLtv2FSzuKEC2F1Cfuj3Z17rewdl0KdeVOt9vgwTt94EwsYzO5prd7EmikX3aYxf62Bfe9tP3n6fvzVVIbBJpYMFDS9Lz10OrZumiyGxmffAwNOl_GkaDQi0qaar5RZbEe7AH7_E7ItkCV4A2kTctGaEKWFiNhdbOefL0QmpqzRoKHyWSw2ciBA3sKnW5l6AnC7ec5CwLBqBfpMpcTPR1fh3dPFqr1Ells6sbpriNeO-wx67L_Ry8dFfgupEcwJfrTdIHgUkJlpNdHB24CzYoBnw92FflIXsnksxxL48ie1349iVLLbwZfhUw7qyBbx_rMvkIdoAdY8OzAgoIGk-GsVsMJ-5JHfV91RrJfqOoP2IGqMvg2woRoKbB82BnJl5aps22V7Sl7SZOduBOs4B2DUCvo4nreHyVoYDvrpYtyf8vYdk0QkrQNaG1-2VXCAEQNfFYri3i7YkeAFR02CspfTf8QthR-yb6emLO3JlPc18tERgjiKKG_8iR2VIuu5Z4rORihuHT4NvjA0pwqStzj-I_Hco8SQcszOC_XUZTPvnwt0GgGt_acWWQVNjsgH5eACFbYIjB3lEGkjMWp_LQz0q3O4Pvet_sb8url4_jqo7Lbj9ZFcCKlfbEUO2l5fCq4S_OZ2wQBB__LAFxyje5ZFtok7HMqlKyOlS-1sIPC3FXjkk0sumw02mNQugAMtNT86urLEv-psntV3n1AvURM1jWpXq82PqEEvO0Y2B7ngj3h8XEIHRxRzS8g-h4K-knN9jed1S6aZH65-P_P5Ol3Kvv2FJUa3c1c7zmrhbkcWwnPou6I3Gnh1C_2SbUjrBWC5halAPyrGdNWlm21zhy6Ml6omtlYtx3K-TXPMWNx6pq_9pwhp-CkwVvjrUHJwX2nLjj_fRz5vPLN-xAQmi1E9BL3mJmHFSQef16Evyp1e-vtAQC1MaWDUAmpxv0KJIqZ4ghLr5eU00FFbNqqe-etY30Deb6KLrkt3GbQOZgLV8olrqmVBMJUpe74Kb8eCIb6n9-SOOCXFsGYx3wqTT6kYXtQutzfVDxNaUn8W9t8aFBWAAWluD9YkryiY0hvlhjgbOC6nOUMBcjEXlvbjsBbVVQXDJTUhsI5LiD7AJJf9n&pr=30:0.059117&cid=CAASBORo1eA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43375fcfee5f30dcbc71fdb1e244854961ed40e0de4d2dc6799004817a7fc1da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585165059237800"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27885
x-xss-protection: 0
expires: Fri, 27 Mar 2020 13:48:24 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 04BC 0
58 B 50ms
49ms Other
image/gif 172.217.16.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssj6_pPgLbJmTuRn-Ng_3wU9ZrGW8gzdxSm1uVhQtp40rzcKP4RKvOPxtXYYz1KqU2YOz38tVphMovNU923rWLtsV8Qw0a80qH3VwQSgpD1qcQOa0l8M0SZeIpZSyCs4GdLlckWzTxWk112iz3L-W8xWoCTLaXMCX60uE917Pj_Y141QXCKU-kdEBIjQf0rDiI5_rxITa5wzLbuhFKP-Pq-PvEGIADPhg4QuEPzpyyGYTRoPSUNdrJEGZh9hoTy3RNwvlYAWXSWijxSG8jYcXFeGx3ZoTxP6dZGXXHLj7sOz6rMLYEAdYHFxFmr0yixqgfAVYyMN0lZeEFiglXSIUY5efqprs6OR1LXj6lsjC2_JIOC43j5o0aD1XAZWTkPTA_Ip7nGEojSgqmBzsJuTMTvSjjXl2qLIAKTwU1ZHiJIUACAG7NJRiOsswTVpRnkNTMD-3MlUMhuOdjlN7ZHRvd2Fxwaa-lpTC1zMWs-G-bosotCSMpXt7TGQJXoLUX0BI4xcJxFNgNSZGmWlkNXhr9uWA43RhQIop6zzuy4wbfWffVCKxi0mW1KlWnDU_nR84YqwNYe_mi1BSIU-txnqMvO3MoehL05N-i1is-oh1WshjWn6T1XCJnUXmU1QdtQgIwfzm-9U9Gqr3sS4zXZiuL7vPSHmyHJTVazF7fUpakRrQdg1H8Ii5J0tqINauir-GTk_upMDjgZsDkddT8xqujBSTe8o6Pw9NH0bt_SBPOkIYUNwEeboJoHeH1I_6w48PZ8mcwrABkFFCIav1EWVY3ri7YcELcuoqC-WHqTxSKogMzdVGl_GJbfURNXevszLWQRwNHUdEAzXCmFY9C4rWPtVu7O3TUTwhMo6k6s2x7I8t9ZuOhQV1JqPAfxFjCwGlssPapYYG_1LWibYemwnjowddAd7nhSOCndYttj7hQOuIXoZOv_5EW76u8i0saCXFhn2w&sai=AMfl-YQDr9C8d8OHMeJNk7wS1gq6aZLL9y15lAbJNbfkml5K592ymzrtv7wFzR0xdRTkH8kTfYSP2uxx4Pfm0Y7oKWfzOHSFKfeG5Sl2qbjREEP0eSZTWHOliVp8XJSr7ktZCvWG&sig=Cg0ArKJSzNpzurQVOVbVEAE&pr=30:0.059117&urlfix=1&omid=0&rm=1&ctpt=1&cstd=0&cisv=r20200324.65229&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
date: Fri, 27 Mar 2020 13:48:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 04BC 41 KB
15 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 08:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17783
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Mar 2021 08:52:01 GMT

GET
H2 200 default_300x600.jpg
s0.2mdn.net/9210267/ Frame 04BC 27 KB
27 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:815::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9210267/default_300x600.jpg

Requested by

Host: paleomg.com
URL: https://paleomg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb5bf07f0c3efc07bc5bc61b0b003a566847a00646ef390dcc5842d70a92fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 16:27:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 18 Mar 2019 17:06:08 GMT
server: sffe
age: 76855
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=86400
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27277
x-xss-protection: 0
expires: Fri, 27 Mar 2020 16:27:29 GMT

GET
H2 200 img;adv=11132214846639;ec=11132214846816;adv.a=9210267;c.a=22405209;s.a=5282241;p.a=242934964;a.a=439354712;cache=3651832302;
ad.atdmt.com/i/ Frame 04BC 42 B
333 B 41ms
39ms Image
image/gif 2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/img;adv=11132214846639;ec=11132214846816;adv.a=9210267;c.a=22405209;s.a=5282241;p.a=242934964;a.a=439354712;cache=3651832302;
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:24 GMT, Fri, 27 Mar 2020 13:48:24 GMT, Fri, 27 Mar 2020 13:48:24 GMT
x-atlas-debug: AYIbkPhFKqks7_cWGzfCnZ6fZ-AAHmKT5AG1BcTZ8Ukel0AdzSIRv9uYKWx0OA_fos2729SUCXVDXW0q_MSNwDo-
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
status: 200
cache-control: private, no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=3600
content-length: 42
expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 3B71 0
325 B 957ms
349ms Other
image/gif 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1585316904820&qqid=CMnFxtfluugCFdWhewodLjUCBQ&rt=a4a.link.4.c.6.6.0.0.174y.172b~a4a.script.4.c.4.8.0.0.174y.172b~aa.script.4.9.2.6.0.0.lx1.luw~simg.img.7.8.0.7.0.0.4n.17&met.a4a=dcl.0~ol.129~nvs.1585316904634~ini.1585316904821
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003101714470/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sovrn.containertag.new.min.js Show response
vap6ams1.lijit.com/res/ Frame 04BC 11 KB
4 KB 14ms
14ms Script
text/javascript 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://vap6ams1.lijit.com/res/sovrn.containertag.new.min.js?cid=3&zid=571547&v=4&tid=a_571547_c96d2cf42afc44c5a3e0696aed51129e&loc=https://paleomg.com/
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b6e25970216d0de77206d3d3bd40ca7a9fd3c49e92feb0efa7e05ac2644b2dfa

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 27 Mar 2020 13:48:24 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5e1fa0a8-2c39"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap6ams1

GET
DATA 200
OK truncated
/ Frame 04BC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fcbb6a4209b8199bd5ec9e62584317bdd92d25f128e8a6421ca80f263ecd97d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 04BC 0
57 B 18ms
18ms Other
image/gif 172.217.16.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 27 Mar 2020 13:48:24 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 15842465133016810807
tpc.googlesyndication.com/simgad/ Frame FE3C 43 B
106 B 6ms
6ms Image
image/gif 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15842465133016810807

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 05 Feb 2020 05:14:58 GMT
x-content-type-options: nosniff
age: 4437206
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Wed, 30 May 2018 18:01:52 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Feb 2021 05:14:58 GMT

GET
H2 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A416 0
0 6ms
6ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://paleomg.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://paleomg.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 8395
date: Fri, 27 Mar 2020 08:51:25 GMT
expires: Sat, 27 Mar 2021 08:51:25 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17819
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame 04BC 1 KB
1 KB 48ms
21ms Script
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?zoneId=571547&containerId=3&v=4&tid=a_571547_c96d2cf42afc44c5a3e0696aed51129e&loc=https://paleomg.com/
Requested by: Host: vap6ams1.lijit.com
URL: https://vap6ams1.lijit.com/res/sovrn.containertag.new.min.js?cid=3&zid=571547&v=4&tid=a_571547_c96d2cf42afc44c5a3e0696aed51129e&loc=https://paleomg.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 8cef5bd2a987a11f5c690e08a11f6f155acdc9b2209a3118c94db86a77601968

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 27 Mar 2020 13:48:25 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: raptor
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap6ams1
Content-Type: application/json;charset=utf-8
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 15ms
15ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020030501&jk=1446888532636114&bg=!AgGlARlYqpivBOuX6kUCAAAANlIAAAAKmQFXtgPKwgBmAONOMNPIb3PUMvx2--fOgTtuollziafQa_Sweh1WHvL0hsKwKO7eJzMAXYEP6QjDRYKcibsnHG11mEC90r1eROMQVQB6-VL7O07vzMzpwIRhAjEQy04goq_fmfpCIb8LdX4-lfFZK1W1tpwXQaWth9LZ56uWkCSh-DSjhVjC-ksdfmVYDy38f8PC2IsedqwdHMI3_vEmYs8UHPWP_8TPn49zghllT41XiUItbi1FF9pJiNh42NaOV4CjE2C7mTUYtCCSFheJZJCbQ3ORDugSZFXtGoZbkj521ZpHsZbGgstoreNtac5FrUxRFrvRh5OHYF0MSeHtRzvFNF4aETyQfr2rP1v_ekxxuQXdmGqraZzzQvdG91pCjy5O_7JgvpLOHZ0K4AZ3bfkTSBexi54J0mRiDFIAjaLLcl_4KWVv3yO-d3II_966IWHCF8ooJVnBDw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:25 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame 04BC 43 B
210 B 17ms
16ms Image
image/gif 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_571547_c96d2cf42afc44c5a3e0696aed51129e&zoneid=571547&cid=3&geo=DE&all_tags=509&count=undefined&status=4&elapsed_ms=50
Requested by: Host: paleomg.com
URL: https://paleomg.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / podlogging
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 27 Mar 2020 13:48:25 GMT
Server: nginx
X-Sovrn-Pod: ad_ap6ams1
X-Powered-By: podlogging
Content-Length: 43
Content-Type: image/gif

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 04BC 52 KB
20 KB 8ms
7ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: paleomg.com
URL: https://paleomg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

8fc74bee456271084ab8b6864f9fb3eb9a773ff59a544999b34adf15de20bccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 13:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2359
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 20366
x-xss-protection: 0
server: cafe
etag: 13830495953492609904
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 27 Mar 2020 14:09:06 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 04BC 0
56 B 577ms
350ms Other
image/gif 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k8a8r4sm&chm=1&ctx=2&qqid=COO6x9fluugCFb3luwgdlCUBRg&met.4=fb.2s~lb.6r~ol.f5~idt.hi~dt.-6o&met.3=197.6l~123.6j_8~118.6z_1~378.7a~118.7c_1~118.7d~118.7e~374.7e~143.dc_1~118.de~118.de~118.ev~117.f5~118.f6_1~113.g2_b~112.fy_g&met.1=1.k8a8r4cn~14.0~15.0~16.0~17.0~18.0~19.0~20.f4~21.f5~22.69~23.6w&met.7=CBsQCiAGOAs~CCgQBRgBIGsoazCEATgZaG1wgwF4OrABAbgBAw~CCgQChgBIG0obTCfATgyaG1wnAF46pwBgAGVnAGIAabqArABAbgBAw~CBwQBhgBIG0obTB-OBFobnB-eG2AASqIASqwAQG4AQM~CBsQBiBtODk~CCoQChgBIG4objB-OBA~CAkQChgBIMQBKMQBMMoBOAdoxAFwygF4nkKAAdlBiAHDqwGwAQG4AQM~CCoQChgBIMcBKMcBMNcBOBA~CCIQARgBIMgBKMgBMPoBODJoyAFw-gF4OrABAbgBAw~CCcQChgBIMgBKMgBMNEBOAloyQFw0AF4rXeAAed2iAGKxQKwAQG4AQM~CCkQBhgBIMgBKMgBMNIBOAo~CBsQBiDJATgq~CBsQCiDpATgP~CCIQARgBIPQBKPQBMIcCOBNo9QFwhwJ4ObABAbgBAw~CCcQBRgBIIMCKIMCMIoCOAhohAJwigJ4kkKAActBiAHqsgGwAQG4AQM~CBsQCiDdAzgx~CBsQBiCPBDgR~CCgQChgBIKMEKKMEMK0EOApoowRwqgR4wqABgAGOnwGIAZufA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paleomg.com/
Origin: https://paleomg.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3B71 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVRPWFCc7vgpRFQ1VsGyCroofhiBeXVtIgRTbRPh2JXm7GKmtt_VdiO2SASUcEgUtjtZR1XyL03c9mPWis1N4REm_iBq6fTovvpQVcXeg&sig=Cg0ArKJSzGviL9SU5cILEAE&id=ampim&o=792,1199&d=1,1&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=98&tls=1098&g=100&h=100&tt=1098&r=v&adk=296308953&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paleomg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 13:48:25 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paleomg.com/	1970-01-19 08:21:56	Name: _gat_gtag_UA_27299094_1 Value: 1
.paleomg.com/	1970-01-19 08:23:23	Name: _gid Value: GA1.2.778438698.1585316894
.paleomg.com/	1970-01-20 01:53:08	Name: _ga Value: GA1.2.1716197016.1585316894
.paleomg.com/	1970-01-19 09:05:08	Name: __cfduid Value: d7a2fec42baa898156c420494aca01c8c1585316892

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://paleomg.com/wp-content/cache/busting/1/wp-includes/js/jquery/jquery-migrate.min-1.4.1.js(Line 1) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	warning	URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=54(Line 15) Message: %cAdThrive::init started color: #999; font-weight: bold;
console-api	error	URL: https://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=54(Line 15) Message: %cVideoUtils::getPlacementElement color: #999; font-weight: bold; Error: PSNF: body.single does not exist on the page
console-api	info	URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003101714470 https://paleomg.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003101714470 https://paleomg.com/
console-api	warning	URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js(Line 20) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv768YBUR7SlLEnNNq6biOfvqa9LweBgnKZypiQv4qMoxpaC6TmdfNBQ31KrDLXv204FunmFv7ouflVEe4Vg81BZdceU9mo3e9ck5YHtQHC3OReNWFxdTxso43G_YpnQak_-WkcW0fLN1qW0htRtz084DfoF_chyb9Xa69HYBuXBD2txuyyIoeM0FJ4F456UQ6tMeO6FXNBUA6e_5u6mM-kUOhqXfKwwQ1JoSOXyLedLX-pqLzGvSi2AqTu257rNKXt2CutdbE_R_N6Yyyud24bFZv-Ou2Xep_TtvS7aDo-&sai=AMfl-YS2CxPmNrz3NMCZiT7YUiKpfdTk2GhumZVwcBfmrhXX7wYUlLrwWzXDNkv3l7dqwoEjqpx0gjuwQtSQSoGIPAXbguH3ET2lKaytY0qK&sig=Cg0ArKJSzGwlHqI-ZwNwEAE&adurl=&cbvp=2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ad.atdmt.com
ads.adthrive.com
adservice.google.com
adservice.google.de
ap.lijit.com
as-sec.casalemedia.com
bidder.criteo.com
cafemedia-d.openx.net
cdn.ampproject.org
cdnjs.cloudflare.com
clarium.global.ssl.fastly.net
csi.gstatic.com
dmx.districtm.io
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
logger.adthrive.com
pagead2.googlesyndication.com
paleomg.com
prebid.adnxs.com
s0.2mdn.net
sb.scorecardresearch.com
scontent.cdninstagram.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tlx.3lift.com
tpc.googlesyndication.com
vap6ams1.lijit.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
104.16.68.69
151.101.13.194
172.217.16.162
172.217.18.98
178.250.0.165
185.33.223.203
185.64.189.112
2.16.105.54
2.21.37.179
216.52.2.30
2404:6800:4003:c03::5e
2606:4700:3036::681f:5b56
2606:4700::6811:4004
2a00:1450:4001:800::2008
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:815::2006
2a00:1450:4001:817::200e
2a00:1450:4001:81b::2001
2a00:1450:4001:820::2003
2a00:1450:4001:821::2001
2a00:1450:400c:c07::9b
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f22d:c4:face:b00c:0:43fe
34.247.95.233
34.95.120.147
37.252.161.190
52.58.202.213
69.173.144.141
95.101.185.51
99.84.155.129
99.84.155.65
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
063494efe5db9677b188f187dea896a0a2d30f25cc3cdca94d8c57a165335d87
08ab98d0a9cd1bcd2e1af9dcb5002a21896064b3fee94a42ae31ba9f34c594a9
0bd11ec4488f9663bd3a5e8492453901c1b7a332278c85bcfd86228c1658ef33
0e01ba779095edf8cb6af15bd9da3622145744b4c5a687958082b6844dfc7cfc
0e063443c9fc17b47a6c56347534058fd75e60bf5b6ff58cbfdc72472ecd93ab
0e91952335106ae7864cf9a97a0494f4854d1b991c8570ed1d60fbbbd0b508dc
16071c1b3382b5375f716314061201e529e7795554329a760582c43139f3536b
16571bdbaa62bc0addca648c4cd1820bdbf4825184aadb1fea3bc3d5f845e7e4
16caf6876e37f47ce71297ba02143f61e6cb36656d51797cb68f6a89d9d36d09
1758ec0e1eee8a45ff1098f973edfbc77270e3e51df6d60da27c6643f8f49ea9
1b8c7dc99c30fe81b0377419931f00e563727ee2993c633c0142e6ffa1f84524
1c96282835320ddbdcc4c6c3cb943e2b7d5a2b6cce61ab2f7068d099a66396ef
1c99fac19abe5e3063eb5631faa2c084f5dc3f8a788fbd94e3ae1949d7fb04a1
1cf547ae99e538d5b1dac74dc2cc6f4c49c647c7d6010bbc199728aae3f87571
1de7109cf88809d1147254e999d83b9b8d5cb79b487b22eb4aefe3ce25409990
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
1e3eb7699723c7389b2dab820c745eef6346df618b14afb44a5178bedc874520
1e7cf023a733ede7b7f2978833440d87027d41cadec42e2243d299b47f208e18
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
1f8d26097f5d22ed36174bbce17840dfd883295135b533d49b7bb41f16c74c04
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
22e2d9b657abd4fb21794436118da9a1e7c2ba252ce865ff12f509fc2bc68c3b
262a256ce668989cc9ac4afac1f8b3288d86b4e3934f4b5c11712f2a60ba523f
291db5576c9ded6d5cf6cd2d8bc35e4b18b02d8715ee6b610167f56006f4bdcd
295b0b0e59d38337be9e51cf57843cd8a4d1194f900413eba413a724135f6581
2ba72b39b2f9dc97a987dffe00a3a289f5db89d0bf6630d0fa26f0920fbd811a
2c40a818f39f56145bd1ea87bec8dfbc39c3fbbf4ce40c595383343b27905da7
2c52fb9f4ecd9a025352647544a01c6f1206073d9dab3d44a753de6b34ea8ca1
2d5bf97cfa0c407e56135f1b87a9c0bc1e389b8bb9db709c7ec7e0cf3eddf37f
2f22ada33ab08f30d4c13ef3f0f088eb45612d089693467e1196c88a458358a8
2f408ba9ec65c6c3be1da500fc74c5c9a12d49356ce3fafb682a2300c4b0ed69
36a7806d00adf644dc0cb904bf662e690bbb8382b7e0b5899737632788342e9b
37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902
395a375f4a2df3ce8c94e35d7c1fa6a49389e67d9d5dbf8a9915d1a5207c71eb
3fcceed08354a98ddc23dedf5238e9abe6198a44b57344285e5587fbe55632e9
40888936f3dc9567204785d9d55fdaf5506d753e25ed5e45f7bd199501a0b1db
40994c918b77f4a8ce6f0e61789e6275be07955d3fa8cf2ecf2172f8a2e74375
4332baadf258338c077fabb9e6e2339b5c64876c8e7a483bed34840c0687de6d
43375fcfee5f30dcbc71fdb1e244854961ed40e0de4d2dc6799004817a7fc1da
4411a4384267c53f10bd9a3e3d25457de6f6ad64a7347058e5a3867b4f0f3c96
4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10
458860ce8b256b66b223ed10f813b32a012b91698bd98867374cfb24da8ce172
479acd9045d8a89cd3fc25f230e7f98da0cfaf0bb8089c26fa73962bf8070a0b
4a0f2e8706dd009285af735ee68a4e164626f6c11f0b33e21a91c03022afdad1
4a94415d6106b3d286738503ec065af4d8259e7ac3c0372340532f9cd4a4272f
4ccca45202b4e73ed11d9ffe0cfff5ff8ca69ce4d0eef703edc3795d1f4536d8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51792d876ad46401a206cb2ff927b6906e60ffec5e03676d6f4f4d92a33c3490
51a4fafcd0f32e591d016c1d31e3d518755dd3956912421af8cb12c244e82a00
57107d803f4727297e60dcc98f85716a0fc1002f5643b8418282007d0105b7ce
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
5a5027f3a100b94f1318545fddb02b34e33d15da01612826a2a04081fa4db41d
5b1f7559ce195f182e7a58b2bd8ba3f72e98195509a46ef281848c4fee1aeec6
62a7dffeb8158e97bf356edd0e0ced0c8bcdfce4d88ce22152c54e15f5e7e3b1
6344ebc6b0202216ae61603e2253e0f1098ac93364d1681518a4346a0f589040
643917ace551a5027e7bc9ac9c35fe1bee2c47da3fc6c86d87e15b5cdb118ec7
697d1a7cef4a81a35b632004bc762e42389fafaaad5e5fddb5a2ff487bfd8015
69b1903d3ca709c14811fede9f4f74441ea462b162df65d1cbf2ee5ba387a507
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b4df79ccc28be4a4460f8a33f0893464e6931b63331eaf0cfe5e94ea01514fa
6b89c2c48e6942196637b3aa07419641bfa646dcf961af92d73d3f28e25fa2f7
6c2db6a6716af33e4c21c41360b1a3833e05a34156012c405177e1b6915fb838
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
72f2a78ef2d65d609b724dc340c8b850b16597ff4221ea789b5676df57c9d5db
7b082daadd28b14604f37e9476dab0a901dbc19f82808056e27be8ca2af1fd98
7d9efaeeca294a982e4e2af800db5437438858e5484096b0ddfc7160b89f568e
7d9ff94a107be6d6187c01f4d5756e582a8eed27f324788cd77f6969a6a45953
80634677692d91186de362515b606efdefc6d36c755c1d350b974d5b8656cbc9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8993752f584b211f124e48a8fc555c405d6426527e2e353ee2a61ab7fd0eda8f
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8ca577e4b37f7a7d1197c5559b94958d3add0e32c2398a3ba380ae90d7c8060b
8cda28ece609be83cd0069c0dcacd0927b1eff73bdd4def01485ae841a6f1b3e
8cef5bd2a987a11f5c690e08a11f6f155acdc9b2209a3118c94db86a77601968
8ee04e0441c9e51785d17ac835a93cf4d30d90826f87350b42ba233496a26f55
8ef05446336abbed29bc35633a9b6495290ea63989695928bbb4d746fc07a8d7
8fc74bee456271084ab8b6864f9fb3eb9a773ff59a544999b34adf15de20bccf
8fcbb6a4209b8199bd5ec9e62584317bdd92d25f128e8a6421ca80f263ecd97d
90fd527000fb01744f8fb320cf786d3ab2e37d2153b994160a0888dde3479d04
910669ba88e39635abec79818e58c9b519c06730c336ff5befe1b38d12b7ee99
9334cdaf070f9ee65784c5448038092e73648a63bbcca70cc837df2534acdde4
939acce83659d5d087fd095e018d7ef8cc82b9a9e9cf6fe1e8926543c32502f7
947af2cc538c34dc77d0e494a141a7242c09ee5eddbe4a8476d1f644ae1c5930
95f9141ed1e643ae87e9d43ad7d48ae83d0888a44555b9f49e2852a26249051e
9647cff1fdeb978db6ef2b03a8f39e45f12b7fe689ab6c5a57a1bfd4e7058dbf
989e0f1e493bc96574d606d07c5ea20db5536e20a091f0237f7e4d8a71915f1a
9954d39643c0297bc304c7ace8dca87364967239844ae944949dab3be1cebd63
9964907f4cd8ef26e3eb28c19186e00875aab9faaad2c6c567aae6045ee2218b
9acec9bbf365abaa5e650e14d3dc9150cf07408c9fb72ace5d0f1a81743aae88
9ae563030be6d0ccd3f9b141d878569a8fa4ae6768ab6114ab34ea34f2caf0d7
9bd25db4b989822d807ecc61e0d44337c34dedec6b0b61a2d9d9761f746befd2
9cb5bf07f0c3efc07bc5bc61b0b003a566847a00646ef390dcc5842d70a92fc3
9e485537874a69803cbf4152bcc65862807a717cbc0744180015b2c8d24ce983
9f17f745142a47fe2595a89aa7b697b19ed9eed691131903faa4ce0ba3d972e5
a0d544de4c91c30690c6274fbe310631a1b98906f5aceab84d4f71ebec3de9ba
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473
a5734034b51582f245fc1346bf6e31448b86c3afa9ed6f1b6e2ea47763486d96
a92190b8bbe424badf0c5291a4a7a2124fb6b72cfd5326c268e5ddd62f935b5d
ac74553ab1e339940dc7b1813856122a764d8372275d91c23b21f80cee385023
adacda3005479f23f4daad15d5b245c163e3b97144724a1d44f621a3a56290ac
aeff035a5784ff0b87c5e989843e4b766e044f92ae07fe7fff32430a5d65dbf4
af460fd7a4bfd27fd71257a54bf9824854c2920d95ba6a7e26cc20cd957e9ac8
affa28efb0c6bb6f9bb296d2e171e38589f3534b5d39081577bbc0eb2cd7a0cc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6e25970216d0de77206d3d3bd40ca7a9fd3c49e92feb0efa7e05ac2644b2dfa
b7ab658563182cbd6b2f0cd7707bac1b9b449520154fed95f0d6928446122868
b917c5ed9deeca6ae9c398ed6b31172666f80ea382d8944f7e227224ce5d9ffb
bbded05e2a8beb545e8af4da910434bd3731a74c19b6658cb40d4941fc3ee93b
be6cb87334dcea67082729dd3804cc9e950f82929e9496db4d87dcb356c4f1fd
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0
bf40ddd9133a7446364eee1122f986469cd73178ce141c9537488b6a68f9f36b
bf9ff78a0cccb900bc93e3111b08be734ec7bdb52e0a2e17a727df34fc5d1f63
c2b0d171a4179bf00898c430c1c15464e528aff5762fc70a5d02184834c82eff
c4154129ebd028c6a491139f744aef258c77f427ce2155b03a0466fb84c4e165
c425507a5ee5ac4874115caa2435a993badde1cf61478ae63c690e0d6b96ca16
c5f00cae378780ce01b7faaf047ccf2b1b6b000822d57927133b5c83e3df2212
c8ab19a7651ec971b6fbc4c0ad6381086b9709b80c92e26b61af4de5cccda6f0
c97bbcb44a6699c57fa8899e82852518358654e7ae21191c00b1c1753e6eb717
cbd1775fb3d794ab6b75d862edbc0b29f07e5cd24428d526d74c037cbf726a1b
cc8258233bcf96e84b0515a545a05357cc8b13cbd1487339f2c0131632de35b3
ccc670224e424e862792b15086aad72692b18691db1ee7aad673311fa2bac51f
cceecffd814c897c8028f26df881a4786caf6337f060dcab303951b9473412a9
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d014d65336bed3d85fcb0250c85454e00e3c9b0f21fc155372c8731f496de382
d1d4ce1f4487d5124a6765ee0894e80b4108c091da1e52696d403b8d6df9d666
d2b06633f9caa52f89fab8a76882b20dd30103013b3160fad821b472791dd49b
d4bf93c15b79b9222a388d4732df3749c1bd27a53ee059db1db50209771aa777
d8daba673562081f9769b0eb2dd1303fa8844bd0b00be2c78714936806101ced
d99cd5cb1caa432a75fd11005c52773334caa776cd03a727fd5178b6fb48d797
de9c061c382b3989f2b1f82963fba5e646aba5ea769226ae3fed994d45f9ca0f
dfa0a61954689d4085cea992d0367a9854fe0b0cb0d63786f87131d4c51363da
e0c963c53840c03fa7dbf0a571050fe0c8f3edb054b29015e72351547fd9dcac
e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8fe3a6fe54d0d4749ece5329abf3ff07b19cb603425cf6c5c8febe9ae138ad
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb43e8f62a0a26affd917433d135eff06b5108ebff2045ab38d37b24e56c7365
ec538ac959780a016c9ad8bb8160e9b31bbe2570a73a206ba4bbaa2ad5318208
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e60d0a77f1d63a9fd3b21fbb9d21345a61dc43d6c9b749e45753c5d993a6e8
f6f939cea1c46e5479112edb0ff79a651079dcb8d81f28b16e61f22dbce6e26d
f7d8e2c1b5119acda80f2535fafe66cd32864be9372fbf0d0d3ec8aeefa39ae7
fc47087b93472c0c75f7830652611523322318a5204cafb03f61324c9eeb925d
fccff3451eed13caae3793ae4538b11d7eceb9860191afec3bfc5cc40c1c6aaf
ffdc18ac8f47bcd50dd9c33532c334e7073717a62b367d95b9cb1561048547dc

paleomg.com Open in urlscan Pro 2606:4700:3036::681f:5b56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

163 Requests

100 %HTTPS

45 %IPv6

29 Domains

37 Subdomains

34 IPs

9 Countries

3013 kBTransfer

7068 kBSize

4 Cookies

8 Outgoing links

Page URL History

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 24 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paleomg.com Open in urlscan Pro
2606:4700:3036::681f:5b56 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

100 %
HTTPS

45 %
IPv6

29
Domains

37
Subdomains

34
IPs

9
Countries

3013 kB
Transfer

7068 kB
Size

4
Cookies

163 HTTP transactions
24 data transactions