urlscan.io logo urlscan.io
SecurityTrails logo

paulamclain.com Open in urlscan Pro
52.116.201.88  Public Scan

Go To Rescan Add Verdict Report
URL: https://paulamclain.com/
Submission: On January 20 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 1 countries across 13 domains to perform 41 HTTP transactions. The main IP is 52.116.201.88, located in United States and belongs to SOFTLAYER, US. The main domain is paulamclain.com.
TLS certificate: Issued by R3 on January 19th 2024. Valid for: 3 months.
This is the only time paulamclain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 52.116.201.88 36351 (SOFTLAYER)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2600:9000:202... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:212... 16509 (AMAZON-02)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 2 63.140.38.226 14618 (AMAZON-AES)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2600:9000:212... 16509 (AMAZON-02)
2 4 68.67.160.186 29990 (ASN-APPNEX)
2 2 35.71.131.137 16509 (AMAZON-02)
2 2 54.172.228.89 14618 (AMAZON-AES)
1 1 44.218.239.184 14618 (AMAZON-AES)
1 34.230.134.41 14618 (AMAZON-AES)
41 14
16    52.116.201.88 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 58.c9.7434.ip4.static.sl-reverse.com
paulamclain.com
4    2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4006:81e::200a (Colchester, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    2600:9000:2026:a400:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
3    2607:f8b0:4006:81d::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:212f:e200:16:98e8:3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.b1js.com
1    2600:141b:1c00:e::172c:c9e4 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    63.140.38.226 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-226.data.adobedc.net
scode.randomhouse.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2600:9000:212f:4600:1d:16cb:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.b1js.com
4    68.67.160.186 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
2    54.172.228.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-228-89.compute-1.amazonaws.com
dpm.demdex.net
1    44.218.239.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-239-184.compute-1.amazonaws.com
usermatch.krxd.net
1    34.230.134.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-134-41.compute-1.amazonaws.com
beacon.krxd.net
Apex Domain
Subdomains		 Transfer
16 paulamclain.com
paulamclain.com
2 MB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
www.linkedin.com — Cisco Umbrella Rank: 632
px4.ads.linkedin.com — Cisco Umbrella Rank: 6550
5 KB
5 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1194
45 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
ajax.googleapis.com — Cisco Umbrella Rank: 369
33 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 490
4 KB
3 gstatic.com
fonts.gstatic.com
66 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1811
beacon.krxd.net — Cisco Umbrella Rank: 784
557 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
1 KB
2 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 637
match.adsrvr.org — Cisco Umbrella Rank: 357
877 B
2 randomhouse.com
scode.randomhouse.com — Cisco Umbrella Rank: 105147
1 KB
2 b1js.com
js.b1js.com — Cisco Umbrella Rank: 177326
tags.b1js.com — Cisco Umbrella Rank: 189071
9 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 783
16 KB
0 b1img.com Failed
b1img.com Failed
41 13
Domain Requested by
16 paulamclain.com paulamclain.com
5 tags.tiqcdn.com paulamclain.com
tags.tiqcdn.com
4 secure.adnxs.com 2 redirects
4 px.ads.linkedin.com 3 redirects snap.licdn.com
4 fonts.googleapis.com paulamclain.com
3 fonts.gstatic.com fonts.googleapis.com
2 dpm.demdex.net 2 redirects
2 scode.randomhouse.com 1 redirects paulamclain.com
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 match.adsrvr.org 1 redirects
1 insight.adsrvr.org 1 redirects
1 tags.b1js.com js.b1js.com
1 px4.ads.linkedin.com paulamclain.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com tags.tiqcdn.com
1 js.b1js.com tags.tiqcdn.com
1 ajax.googleapis.com paulamclain.com
0 b1img.com Failed js.b1js.com
41 19
Subject Issuer Validity Valid
paulamclain.com
R3		 2024-01-19 -
2024-04-18		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
js.b1js.com
Amazon RSA 2048 M02		 2023-02-22 -
2024-03-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
tags.b1js.com
Amazon RSA 2048 M02		 2023-02-22 -
2024-03-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://paulamclain.com/
Frame ID: 99BB8CC84C51DF47A89A95876FE83D85
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Paula McLain - New York Times bestselling author | New York Times bestselling author

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

80 %
HTTPS

50 %
IPv6

13
Domains

19
Subdomains

14
IPs

1
Countries

1726 kB
Transfer

2119 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://scode.randomhouse.com/b/ss/ranhrollup/1/JS-2.22.0/s35332541972679?AQB=1&ndh=1&pf=1&t=20%2F0%2F2024%2013%3A34%3A21%206%20600&fid=086D2B9AB3DAB402-3E4053152881C651&ce=UTF-8&pageName=Paula%20McLain%20-%20New%20York%20Times%20bestselling%20author%20%7C%20New%20York%20Times%20bestselling%20author&g=https%3A%2F%2Fpaulamclain.com%2F&cc=USD&ch=%2F&v9=D%3Ds_vi&c34=https%3A%2F%2Fpaulamclain.com%2F&c43=paulamclain.com%20%7C%20rh-rhpg&v51=https%3A%2F%2Fpaulamclain.com%2F&c54=Paula%20McLain%20-%20New%20York%20Times%20bestselling%20author%20%7C%20New%20York%20Times%20bestselling%20author&v54=Paula%20McLain%20-%20New%20York%20Times%20bestselling%20author%20%7C%20New%20York%20Times%20bestselling%20author&v80=user_&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://scode.randomhouse.com/b/ss/ranhrollup/1/JS-2.22.0/s35332541972679?AQB=1&pccr=true&vidn=32D62C3EE177D1C3-40001E03A35C2109&ndh=1&pf=1&t=20%2F0%2F2024%2013%3A34%3A21%206%20600&fid=086D2B9AB3DAB402-3E4053152881C651&ce=UTF-8&pageName=Paula%20McLain%20-%20New%20York%20Times%20bestselling%20author%20%7C%20New%20York%20Times%20bestselling%20author&g=https%3A%2F%2Fpaulamclain.com%2F&cc=USD&ch=%2F&v9=D%3Ds_vi&c34=https%3A%2F%2Fpaulamclain.com%2F&c43=paulamclain.com%20%7C%20rh-rhpg&v51=https%3A%2F%2Fpaulamclain.com%2F&c54=Paula%20McLain%20-%20New%20York%20Times%20bestselling%20author%20%7C%20New%20York%20Times%20bestselling%20author&v54=Paula%20McLain%20-%20New%20York%20Times%20bestselling%20author%20%7C%20New%20York%20Times%20bestselling%20author&v80=user_&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Request Chain 32
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1705793661658&url=https%3A%2F%2Fpaulamclain.com%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1705793661658&url=https%3A%2F%2Fpaulamclain.com%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D497116%26time%3D1705793661658%26url%3Dhttps%253A%252F%252Fpaulamclain.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1705793661658&url=https%3A%2F%2Fpaulamclain.com%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1705793661658&url=https%3A%2F%2Fpaulamclain.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLuXP9ywx3f_QAAAY0pOax3o4HAARnhVc_aiYnCRLLpFSui1UC34kiJqhU9M6bZR-C9v4k
Request Chain 36
  • https://secure.adnxs.com/px?id=915858&order_id=Visitor&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D915858%26order_id%3DVisitor%26t%3D2
Request Chain 37
  • https://insight.adsrvr.org/track/evnt/?adv=mp74px5&ct=0:bpg299vw&fmt=3 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=9cfeafbb-26cf-4f91-8d5a-96e671779584&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=9cfeafbb-26cf-4f91-8d5a-96e671779584&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=9cfeafbb-26cf-4f91-8d5a-96e671779584 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=9cfeafbb-26cf-4f91-8d5a-96e671779584
Request Chain 38
  • https://secure.adnxs.com/seg?add=11323232,10480575,9954445,2783938&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11323232%2C10480575%2C9954445%2C2783938%26t%3D2

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
paulamclain.com/ 		28 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paulamclain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
fc215c1d07d2c3ea948176cbdba34687b4d5fdfa8776f200665e35628e68db7b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
287
Connection
keep-alive
Content-Encoding
gzip
Content-Length
7457
Content-Type
text/html; charset=UTF-8
Date
Sat, 20 Jan 2024 23:22:51 GMT
Front-End-Https
on
Server
nginx/1.14.2
Vary
Accept-Encoding
X-Cache
HIT
X-Cache-Hits
2
css
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1eda5a22ae0ee3edb6d629fa72ff806cbd1e54de7bafa122cd26ace6ee69679d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Jan 2024 23:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Jan 2024 23:24:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Jan 2024 23:34:20 GMT
css
fonts.googleapis.com/ 		402 B
722 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Serif
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0316c13c78215f53b18fc21e7f94789ed56484b5d964670a44ce6fca2f4c6fac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Jan 2024 23:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Jan 2024 23:10:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Jan 2024 23:34:20 GMT
css
fonts.googleapis.com/ 		2 KB
459 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Serif:400,700,400italic,700italic
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d480e4f6869fe772f8a64c20e711ec8d164ab0b6d4b4ef4b381aa088e583570e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Jan 2024 23:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Jan 2024 23:15:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Jan 2024 23:34:20 GMT
css
fonts.googleapis.com/ 		1 KB
482 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7025d911099800ec6b8d8acc5cc18669d61e86753097885cb7646f86b249c03d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Jan 2024 23:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Jan 2024 23:33:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Jan 2024 23:34:20 GMT
style.min.css
paulamclain.com/wp-includes/css/dist/block-library/ 		107 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paulamclain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:51 GMT
Content-Encoding
gzip
Last-Modified
Sun, 05 Nov 2023 19:40:32 GMT
Server
nginx/1.14.2
Age
267
ETag
"1add3-6096ce9174c00-gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Front-End-Https
on
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14499
X-Cache-Hits
1
normalize.css
paulamclain.com/wp-content/themes/paula_1.0/css/ 		1008 B
896 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paulamclain.com/wp-content/themes/paula_1.0/css/normalize.css
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
e046e1167854936f9fc62fb249805fde9c3fd7596be420649da4bf93d1fae704

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 May 2015 18:59:00 GMT
Server
nginx/1.14.2
Age
267
ETag
"3f0-5158281226500-gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Front-End-Https
on
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
540
X-Cache-Hits
2
main.css
paulamclain.com/wp-content/themes/paula_1.0/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paulamclain.com/wp-content/themes/paula_1.0/css/main.css?v=1.28
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
01d1af1d50413f61e603aef393d86404a4cfe84deb760bc5f448fd91b0ed6b36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Oct 2021 11:34:51 GMT
Server
nginx/1.14.2
Age
267
ETag
"3e07-5ceb30cb1ccc0-gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Front-End-Https
on
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3461
X-Cache-Hits
2
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 21:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jan 2025 21:30:03 GMT
jssor.slider.min.js
paulamclain.com/wp-content/themes/paula_1.0/lib/ 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paulamclain.com/wp-content/themes/paula_1.0/lib/jssor.slider.min.js
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
ec18793c68e14a0ba65f708cc04bfee6d38ff1f69f18efc873dfd15700197175

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 May 2015 16:37:40 GMT
Server
nginx/1.14.2
Age
267
ETag
"cd01-5163594423d00-gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Front-End-Https
on
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19468
X-Cache-Hits
2
main.js
paulamclain.com/wp-content/themes/paula_1.0/lib/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paulamclain.com/wp-content/themes/paula_1.0/lib/main.js?v=1.9
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
4ef787c5fad080f48b8d242a8ffd566ee34277482a6f5ad08f86703634234ad5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Oct 2021 11:35:06 GMT
Server
nginx/1.14.2
Age
267
ETag
"133c-5ceb30d96ae80-gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Front-End-Https
on
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1866
X-Cache-Hits
2
slider-stars.jpg
paulamclain.com/wp-content/uploads/2020/09/ 		253 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paulamclain.com/wp-content/uploads/2020/09/slider-stars.jpg
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
8b645ee9327c9b16e06169f3470512745495e69271e4feedff14fa2c07f40521

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:51 GMT
Last-Modified
Mon, 14 Sep 2020 22:03:09 GMT
Server
nginx/1.14.2
Age
3257
ETag
"3f517-5af4d3325a140"
Front-End-Https
on
X-Cache
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
259351
X-Cache-Hits
1
stars-pb-200x300.png
paulamclain.com/wp-content/uploads/2022/04/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paulamclain.com/wp-content/uploads/2022/04/stars-pb-200x300.png
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
efef860044dd3d12f2e31eb49800e656e38aa66a0fc3f28f8b46dbb0a6135e2f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:51 GMT
Last-Modified
Tue, 12 Apr 2022 14:16:56 GMT
Server
nginx/1.14.2
Age
3257
ETag
"144cf-5dc75b6942600"
Front-End-Https
on
X-Cache
HIT
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83151
X-Cache-Hits
1
paula_bio_sm_2018.png
paulamclain.com/wp-content/uploads/2017/12/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paulamclain.com/wp-content/uploads/2017/12/paula_bio_sm_2018.png
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
69c0f6f1acbf4164e41d69330603980e1cf79f22805e7f8d34160a2e57e22b0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:52 GMT
Last-Modified
Fri, 08 Dec 2017 20:48:15 GMT
Server
nginx/1.14.2
Age
13579
ETag
"8ee1-55fda4db881c0"
Front-End-Https
on
X-Cache
HIT
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36577
X-Cache-Hits
1
193a0f85-3cd3-4dab-8f0b-ca693b1ae738
https://paulamclain.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://paulamclain.com/193a0f85-3cd3-4dab-8f0b-ca693b1ae738
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
utag.js
tags.tiqcdn.com/utag/random/rh-rhpg/prod/ 		94 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/random/rh-rhpg/prod/utag.js
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2026:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
274f1288fa64084c0c4b2832582c2c6a923ea14cc8467e3370dc4e9d1cd51e89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
0BhT7c19B3ZV0g2OapH2aO.LfjpyCP87
content-encoding
gzip
via
1.1 94d0933da2f9125873922490cab8e2b6.cloudfront.net (CloudFront)
date
Sat, 20 Jan 2024 23:34:21 GMT
last-modified
Wed, 19 Jul 2023 21:06:53 GMT
server
AmazonS3
x-amz-cf-pop
ORD53-C3
x-amz-server-side-encryption
AES256
etag
W/"8d8bdc2b093e0e602ec342998cfc994a"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
rBs44g2RK9d8MXjCy83vGtSDWdTVJVPCsuauPnYRq_3dCJ4Qc_dN7A==
bg.jpg
paulamclain.com/wp-content/themes/paula_1.0/images/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paulamclain.com/wp-content/themes/paula_1.0/images/bg.jpg
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/wp-content/themes/paula_1.0/css/main.css?v=1.28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
b501a90a547b69e86073ce23f741e5cfd0871df304ef85f4c151fc3154082717

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/wp-content/themes/paula_1.0/css/main.css?v=1.28
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:52 GMT
Last-Modified
Tue, 26 May 2015 13:06:11 GMT
Server
nginx/1.14.2
Age
267
ETag
"8f12-516fbca5936c0"
Front-End-Https
on
X-Cache
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36626
X-Cache-Hits
1
sprite_social.png
paulamclain.com/wp-content/themes/paula_1.0/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paulamclain.com/wp-content/themes/paula_1.0/images/sprite_social.png
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/wp-content/themes/paula_1.0/css/main.css?v=1.28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
ecca7fd6a864c0445d3b773f6302b27d7728b2796dad5af22d15c3b090d67192

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/wp-content/themes/paula_1.0/css/main.css?v=1.28
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:52 GMT
Last-Modified
Tue, 26 May 2015 13:29:08 GMT
Server
nginx/1.14.2
Age
266
ETag
"1155-516fc1c6c9100"
Front-End-Https
on
X-Cache
HIT
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4437
X-Cache-Hits
1
bg2_nav.png
paulamclain.com/wp-content/themes/paula_1.0/images/ 		677 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paulamclain.com/wp-content/themes/paula_1.0/images/bg2_nav.png
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/wp-content/themes/paula_1.0/css/main.css?v=1.28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
060b8a3909c0b19bc83f8482f1218279c675a7ad83ab25083d44ae54d9f5d531

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/wp-content/themes/paula_1.0/css/main.css?v=1.28
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:52 GMT
Last-Modified
Wed, 13 Dec 2017 14:51:20 GMT
Server
nginx/1.14.2
Age
266
ETag
"2a5-56039e67e6a00"
Front-End-Https
on
X-Cache
HIT
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
677
X-Cache-Hits
1
bg2_footer.png
paulamclain.com/wp-content/themes/paula_1.0/images/ 		759 KB
759 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paulamclain.com/wp-content/themes/paula_1.0/images/bg2_footer.png
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/wp-content/themes/paula_1.0/css/main.css?v=1.28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
72b3c44602e7bd485bc8d2a1c5b9b7fe4f71460e0f00745d28aa5c2308b4e71a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/wp-content/themes/paula_1.0/css/main.css?v=1.28
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:52 GMT
Last-Modified
Wed, 13 Dec 2017 15:09:32 GMT
Server
nginx/1.14.2
Age
266
ETag
"bdb13-5603a27950300"
Front-End-Https
on
X-Cache
HIT
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
776979
X-Cache-Hits
1
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paulamclain.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:27:19 GMT
x-content-type-options
nosniff
age
122821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:27:19 GMT
tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v19/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paulamclain.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:12:43 GMT
x-content-type-options
nosniff
age
123697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22476
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:19:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:12:43 GMT
tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2
fonts.gstatic.com/s/droidserif/v19/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidserif/v19/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif:400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
722d1d506241600936dd8a2bd82430e214405cefb4ee2496194ddedc92f0d193
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paulamclain.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:43:24 GMT
x-content-type-options
nosniff
age
121856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20452
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:27:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:43:24 GMT
wp-emoji-release.min.js
paulamclain.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paulamclain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Feb 2023 00:53:25 GMT
Server
nginx/1.14.2
Age
6109
ETag
"4904-5f3acfe01ab40-gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Front-End-Https
on
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5039
X-Cache-Hits
2
slider-stars.jpg
paulamclain.com/wp-content/uploads/2020/09/ 		253 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paulamclain.com/wp-content/uploads/2020/09/slider-stars.jpg
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
8b645ee9327c9b16e06169f3470512745495e69271e4feedff14fa2c07f40521

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:52 GMT
Last-Modified
Mon, 14 Sep 2020 22:03:09 GMT
Server
nginx/1.14.2
Age
0
ETag
"3f517-5af4d3325a140"
Front-End-Https
on
X-Cache
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
259351
X-Cache-Hits
1
paula_nl_bg2.jpg
paulamclain.com/wp-content/themes/paula_1.0/images/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paulamclain.com/wp-content/themes/paula_1.0/images/paula_nl_bg2.jpg
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/wp-content/themes/paula_1.0/css/main.css?v=1.28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.116.201.88 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
58.c9.7434.ip4.static.sl-reverse.com
Software
nginx/1.14.2 /
Resource Hash
81d836850fa38af59e51922cb1ad0dec9cc0cf9b329f3c5ceac9e4c950d4c51f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/wp-content/themes/paula_1.0/css/main.css?v=1.28
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 23:22:52 GMT
Last-Modified
Tue, 19 Oct 2021 11:26:10 GMT
Server
nginx/1.14.2
Age
266
ETag
"1272c-5ceb2eda3f880"
Front-End-Https
on
X-Cache
HIT
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75564
X-Cache-Hits
1
utag.255.js
tags.tiqcdn.com/utag/random/rh-rhpg/prod/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/random/rh-rhpg/prod/utag.255.js?utv=ut4.39.202212142217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rh-rhpg/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2026:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41ba758ce9d1e4232736cd3b96631752158e18d61105aa2e13fd46d04b41758e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
g8L8zlsPXn_5kK5ps5qcIdjTjFYru7Qi
content-encoding
br
via
1.1 94d0933da2f9125873922490cab8e2b6.cloudfront.net (CloudFront)
date
Sat, 20 Jan 2024 23:34:22 GMT
last-modified
Wed, 19 Jul 2023 21:06:49 GMT
server
AmazonS3
x-amz-cf-pop
ORD53-C3
x-amz-server-side-encryption
AES256
etag
W/"c6c099084c07b93894c018c60d523286"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
EHTacDCr2W5Um36rGg0V9QZ7CKV75z7fJwUQk4F5XAoxdy2GLn7vWQ==
utag.581.js
tags.tiqcdn.com/utag/random/rh-rhpg/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/random/rh-rhpg/prod/utag.581.js?utv=ut4.39.202212142217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rh-rhpg/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2026:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54466e88401344780e4d1eea2b0bcd7733102010ead68420d9068c66d4ba4709

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
ZI2aaWIwPgU5uYnViuiT_orGiUpAlf_C
content-encoding
br
via
1.1 94d0933da2f9125873922490cab8e2b6.cloudfront.net (CloudFront)
date
Sat, 20 Jan 2024 23:31:53 GMT
last-modified
Wed, 19 Jul 2023 21:06:43 GMT
server
AmazonS3
x-amz-cf-pop
ORD53-C3
age
165
x-amz-server-side-encryption
AES256
etag
W/"37f40c6a7e0977468cc1e4d6dae70de9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
DbvIk5grmw_C3LXCshE888eTh_2sGMo8Y9hgD73MrxqeaKjxQnpB6w==
utag.600.js
tags.tiqcdn.com/utag/random/rh-rhpg/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/random/rh-rhpg/prod/utag.600.js?utv=ut4.39.202212142217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rh-rhpg/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2026:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aab2422ece63898adcc780934d6e91e8120bfe82f851740902f6fe5fa6fbf71e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
XaNpWDn3LEK9gp2fwCFFlKaCm4U5B3O8
content-encoding
br
via
1.1 94d0933da2f9125873922490cab8e2b6.cloudfront.net (CloudFront)
date
Sat, 20 Jan 2024 23:31:53 GMT
last-modified
Wed, 19 Jul 2023 21:06:44 GMT
server
AmazonS3
x-amz-cf-pop
ORD53-C3
age
165
x-amz-server-side-encryption
AES256
etag
W/"632d3e4926f8b0b09efc0a78396d435e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
_gEPNIStGMcMCB1e2MUXcxuf2e3IfGk2Ya6IFwUJapgriSea49F3fg==
tagcontainer.js
js.b1js.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.b1js.com/tagcontainer.js?id=1b4a926512c3472491471a3c1e91e7fb&type=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rh-rhpg/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:e200:16:98e8:3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa6d246b346ce3563f8a1b58e7e5bb0633f84c98f24d1c4f841eb6b0253940fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 02:00:04 GMT
content-encoding
gzip
via
1.1 33a89f27becabefce49116de5fab23d8.cloudfront.net (CloudFront)
last-modified
Thu, 10 Jun 2021 11:14:57 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
77658
etag
W/"bbde918773ffa89049b954bdb5f0a9c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
xhUOU5YAlAbs4OCmd2zO5TYcolbcBLk_rPtmPXw01cvHUuNF6SRH7Q==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rh-rhpg/prod/utag.600.js?utv=ut4.39.202212142217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:e::172c:c9e4 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 23:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Jan 2024 16:29:26 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=27343
accept-ranges
bytes
content-length
15732
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=random/rh-rhpg/202307192105&cb=1705793661351
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/random/rh-rhpg/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2026:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Sat, 20 Jan 2024 23:32:32 GMT
via
1.1 94d0933da2f9125873922490cab8e2b6.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD53-C3
age
110
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
Qu7eqcnXuiQFP14FwHC4os-kQTCG8V2GqqoXH1Cj67bLyjvKWMC-4A==
s35332541972679
scode.randomhouse.com/b/ss/ranhrollup/1/JS-2.22.0/
Redirect Chain
  • https://scode.randomhouse.com/b/ss/ranhrollup/1/JS-2.22.0/s35332541972679?AQB=1&ndh=1&pf=1&t=20%2F0%2F2024%2013%3A34%3A21%206%20600&fid=086D2B9AB3DAB402-3E4053152881C651&ce=UTF-8&pageName=Paula%20M...
  • https://scode.randomhouse.com/b/ss/ranhrollup/1/JS-2.22.0/s35332541972679?AQB=1&pccr=true&vidn=32D62C3EE177D1C3-40001E03A35C2109&ndh=1&pf=1&t=20%2F0%2F2024%2013%3A34%3A21%206%20600&fid=086D2B9AB3DA...
43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scode.randomhouse.com/b/ss/ranhrollup/1/JS-2.22.0/s35332541972679?AQB=1&pccr=true&vidn=32D62C3EE177D1C3-40001E03A35C2109&ndh=1&pf=1&t=20%2F0%2F2024%2013%3A34%3A21%206%20600&fid=086D2B9AB3DAB402-3E4053152881C651&ce=UTF-8&pageName=Paula%20McLain%20-%20New%20York%20Times%20bestselling%20author%20%7C%20New%20York%20Times%20bestselling%20author&g=https%3A%2F%2Fpaulamclain.com%2F&cc=USD&ch=%2F&v9=D%3Ds_vi&c34=https%3A%2F%2Fpaulamclain.com%2F&c43=paulamclain.com%20%7C%20rh-rhpg&v51=https%3A%2F%2Fpaulamclain.com%2F&c54=Paula%20McLain%20-%20New%20York%20Times%20bestselling%20author%20%7C%20New%20York%20Times%20bestselling%20author&v54=Paula%20McLain%20-%20New%20York%20Times%20bestselling%20author%20%7C%20New%20York%20Times%20bestselling%20author&v80=user_&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
H2
Server
63.140.38.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-226.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 23:34:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 21 Jan 2024 23:34:21 GMT
server
jag
etag
3663163994912784384-4617945719050138765
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 19 Jan 2024 23:34:21 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Jan 2024 23:34:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 21 Jan 2024 23:34:21 GMT
server
jag
vary
Origin
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
location
https://scode.randomhouse.com/b/ss/ranhrollup/1/JS-2.22.0/s35332541972679?AQB=1&pccr=true&vidn=32D62C3EE177D1C3-40001E03A35C2109&ndh=1&pf=1&t=20%2F0%2F2024%2013%3A34%3A21%206%20600&fid=086D2B9AB3DAB402-3E4053152881C651&ce=UTF-8&pageName=Paula%20McLain%20-%20New%20York%20Times%20bestselling%20author%20%7C%20New%20York%20Times%20bestselling%20author&g=https%3A%2F%2Fpaulamclain.com%2F&cc=USD&ch=%2F&v9=D%3Ds_vi&c34=https%3A%2F%2Fpaulamclain.com%2F&c43=paulamclain.com%20%7C%20rh-rhpg&v51=https%3A%2F%2Fpaulamclain.com%2F&c54=Paula%20McLain%20-%20New%20York%20Times%20bestselling%20author%20%7C%20New%20York%20Times%20bestselling%20author&v54=Paula%20McLain%20-%20New%20York%20Times%20bestselling%20author%20%7C%20New%20York%20Times%20bestselling%20author&v80=user_&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
content-type
text/plain;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 19 Jan 2024 23:34:21 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1705793661658&url=https%3A%2F%2Fpaulamclain.com%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1705793661658&url=https%3A%2F%2Fpaulamclain.com%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D497116%26time%3D1705793661658%26url%3Dhttps%253A%252F%252Fpaulamclain.com%252F%26...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1705793661658&url=https%3A%2F%2Fpaulamclain.com%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1705793661658&url=https%3A%2F%2Fpaulamclain.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLuXP9ywx3f_QAAAY0pOax3o4HAARnhVc_aiYnCRLLpFS...
0
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1705793661658&url=https%3A%2F%2Fpaulamclain.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLuXP9ywx3f_QAAAY0pOax3o4HAARnhVc_aiYnCRLLpFSui1UC34kiJqhU9M6bZR-C9v4k
Requested by
Host: paulamclain.com
URL: https://paulamclain.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 23:34:22 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E3CB692B1FC04EE189FA3D65DFA8F5CF Ref B: MIAEDGE1722 Ref C: 2024-01-20T23:34:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPaQlMzMQGZWDhP3o/eQ==

Redirect headers

date
Sat, 20 Jan 2024 23:34:21 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 297A608DF9354F1E88E24BC1D3A2F1DC Ref B: MIAEDGE2007 Ref C: 2024-01-20T23:34:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=497116&time=1705793661658&url=https%3A%2F%2Fpaulamclain.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLuXP9ywx3f_QAAAY0pOax3o4HAARnhVc_aiYnCRLLpFSui1UC34kiJqhU9M6bZR-C9v4k
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPaQlJmtrfhgH2ewrCmg==
/
px.ads.linkedin.com/wa/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://paulamclain.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 20 Jan 2024 23:34:22 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5DD93DEB56364897BD71D9CE011FC692 Ref B: MIAEDGE2007 Ref C: 2024-01-20T23:34:22Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://paulamclain.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYPaQlOXgvDBIjUMM6ZbQ==
1b4a926512c3472491471a3c1e91e7fb.js
tags.b1js.com/tags/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.b1js.com/tags/1b4a926512c3472491471a3c1e91e7fb.js
Requested by
Host: js.b1js.com
URL: https://js.b1js.com/tagcontainer.js?id=1b4a926512c3472491471a3c1e91e7fb&type=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:4600:1d:16cb:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c70538b08bf83235d00d9ac2b58e8f90700747b9741ba5ac64fb315b7e623dcb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 22:49:28 GMT
content-encoding
gzip
via
1.1 8947f739c9a373d1bcab90a3dfa13970.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 20:51:30 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
2695
etag
"ad5327f78fee7d6b3143618887e519cd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
5686
x-amz-cf-id
AST3aRtPQQzllXLnO4uXlehy-S5qCOAuB3AFIeqTTIacSElvfHrIrQ==
js_container
b1img.com/ 		0
0
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=915858&order_id=Visitor&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D915858%26order_id%3DVisitor%26t%3D2
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D915858%26order_id%3DVisitor%26t%3D2
Protocol
H2
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 23:34:22 GMT
an-x-request-uuid
68ec3d17-c036-4141-8331-5dcf39bc7543
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.67; 38.132.118.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Jan 2024 23:34:22 GMT
an-x-request-uuid
b94fffa2-03ff-4abb-b509-3bae79e872f4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D915858%26order_id%3DVisitor%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.67; 38.132.118.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://insight.adsrvr.org/track/evnt/?adv=mp74px5&ct=0:bpg299vw&fmt=3
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=9cfeafbb-26cf-4f91-8d5a-96e671779584&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=9cfeafbb-26cf-4f91-8d5a-96e671779584&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=9cfeafbb-26cf-4f91-8d5a-96e671779584
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=9cfeafbb-26cf-4f91-8d5a-96e671779584
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=9cfeafbb-26cf-4f91-8d5a-96e671779584
Protocol
H2
Server
34.230.134.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-134-41.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
beacon-n011-ash-prod.krxd.net
date
Sat, 20 Jan 2024 23:34:23 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1705793663
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=9cfeafbb-26cf-4f91-8d5a-96e671779584
date
Sat, 20 Jan 2024 23:34:23 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a016-ash-prod.krxd.net
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=11323232,10480575,9954445,2783938&t=2
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11323232%2C10480575%2C9954445%2C2783938%26t%3D2
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11323232%2C10480575%2C9954445%2C2783938%26t%3D2
Protocol
H2
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paulamclain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 23:34:22 GMT
an-x-request-uuid
657f03db-cc1f-4201-aca9-ec8f42b87701
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.67; 38.132.118.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 20 Jan 2024 23:34:22 GMT
an-x-request-uuid
e5f8ca9a-c2c8-4c5e-9e85-0421f7c3a547
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11323232%2C10480575%2C9954445%2C2783938%26t%3D2
x-proxy-origin
38.132.118.67; 38.132.118.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
b1img.com/1b4a926512c3472491471a3c1e91e7fb/cs_tag/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
b1img.com
URL
https://b1img.com/js_container?site_id=1b4a926512c3472491471a3c1e91e7fb&type=1&callback=b1Ctn.parseUuidResponse
Domain
b1img.com
URL
https://b1img.com/1b4a926512c3472491471a3c1e91e7fb/cs_tag/?ids=11323232,10480575,9954445,2783938

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings function| $ function| jQuery object| $JssorEasing$ object| $JssorDirection$ object| $Jssor$ object| $JssorSlideshowFormations$ function| $JssorSlideshowRunner$ function| $JssorSlider$ function| $JssorSlideo$ function| $JssorBulletNavigator$ function| $JssorArrowNavigator$ function| $JssorThumbnailNavigator$ function| $JssorCaptionSlider$ function| console_log function| is_touch_device function| wkd_set_cookie function| wkd_get_cookie function| wkd_remove_cookie function| wkd_toggle_menu object| jssor_slider1 function| wkd_toggle_newsletter_pop object| utag_data object| twemoji object| wp boolean| utag_condload object| utag object| _gaq object| pageTracker boolean| __tealium_twc_switch object| _linkedin string| _linkedin_data_partner_id object| s function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap object| s_c_il number| s_c_in number| s_objectID number| s_giq object| s_i_ranhrollup function| lintrk boolean| _already_called_lintrk object| ORIBILI object| b1Ctn

18 Cookies

Domain/Path Name / Value
paulamclain.com/ Name: pmnlpop_06
Value: 1
.paulamclain.com/ Name: utag_main
Value: v_id:018d2939a8120002f449fc4348fb03074001806c00b08$_sn:1$_ss:1$_pn:1%3Bexp-session$_st:1705795460946$ses_id:1705793660946%3Bexp-session$vapi_domain:paulamclain.com
.paulamclain.com/ Name: s_fid
Value: 086D2B9AB3DAB402-3E4053152881C651
.paulamclain.com/ Name: s_cc
Value: true
.linkedin.com/ Name: li_sugr
Value: da3db078-b9f3-4e01-b557-4a4c62b8245d
.linkedin.com/ Name: bcookie
Value: "v=2&1e34f24f-42c2-4cb8-8cfd-14e944ec66c2"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3226:u=1:x=1:i=1705793661:t=1705880061:v=2:sig=AQGUOsZm6xx6_jkHD0vVQP96a12swwFf"
.linkedin.com/ Name: UserMatchHistory
Value: AQJAj72RRSi3mAAAAY0pOau9k_W1rXcfe07GfyNjHldOjan5lZHEpymfzEQpc6xIQoWdfgHFevmipQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLuaESVw7uruQAAAY0pOau9gN6Eai7DmimdMjXCGmwj4NO5m2ZAEGyWiog2gbkBLv8GARBwxQddTTAJWwucVQ
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240120233421761dc7b7-f705-4081-8059-d22b88acd3c4AQG40vh9ahxFb0xP9XlrBgz1FgXjlp6-"
.adsrvr.org/ Name: TDID
Value: 9cfeafbb-26cf-4f91-8d5a-96e671779584
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2In8nQ3YB!]tbP6j2F-XstGt!@ECY%5S['
.adnxs.com/ Name: XANDR_PANID
Value: MTX2qEkyQ0Pk_J7LR9jBYNdBz-iz2MwkobxLT7Mk0_XdZ5K5CHjfPOINaJwc-PwMwRx584xKuAd-9t1hKj92rw4FP87uAZKKV7WiIn5d86Q.
.adnxs.com/ Name: uuid2
Value: 7650792585900307286
.demdex.net/ Name: demdex
Value: 51431487188650725612130319847282946381
.dpm.demdex.net/ Name: dpm
Value: 51431487188650725612130319847282946381
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIopmG9ZHUwTwQBRITCgRrcnV4EgsIioCj-JHUwTwQBRgFIAEoATILCJj33oHihs08EAU4AUIEIgIIAVoHbXA3NHB4NWABcgRrcnV4
.krxd.net/ Name: _kuid_
Value: QDEKD25t

2 Console Messages

Source Level URL
Text
security warning URL: https://paulamclain.com/
Message:
Mixed Content: The page at 'https://paulamclain.com/' was loaded over HTTPS, but requested an insecure element 'http://paulamclain.com/wp-content/uploads/2017/12/paula_bio_sm_2018.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://paulamclain.com/(Line 246)
Message:
Mixed Content: The page at 'https://paulamclain.com/' was loaded over HTTPS, but requested an insecure element 'http://paulamclain.com/wp-content/uploads/2017/12/paula_bio_sm_2018.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
b1img.com
beacon.krxd.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
insight.adsrvr.org
js.b1js.com
match.adsrvr.org
paulamclain.com
px.ads.linkedin.com
px4.ads.linkedin.com
scode.randomhouse.com
secure.adnxs.com
snap.licdn.com
tags.b1js.com
tags.tiqcdn.com
usermatch.krxd.net
www.linkedin.com
b1img.com
13.107.42.14
2600:141b:1c00:e::172c:c9e4
2600:9000:2026:a400:7:2bfb:7c00:93a1
2600:9000:212f:4600:1d:16cb:5a80:93a1
2600:9000:212f:e200:16:98e8:3c0:93a1
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::200a
2607:f8b0:4006:823::200a
2620:1ec:21::14
34.230.134.41
35.71.131.137
44.218.239.184
52.116.201.88
54.172.228.89
63.140.38.226
68.67.160.186
01d1af1d50413f61e603aef393d86404a4cfe84deb760bc5f448fd91b0ed6b36
0316c13c78215f53b18fc21e7f94789ed56484b5d964670a44ce6fca2f4c6fac
060b8a3909c0b19bc83f8482f1218279c675a7ad83ab25083d44ae54d9f5d531
1eda5a22ae0ee3edb6d629fa72ff806cbd1e54de7bafa122cd26ace6ee69679d
274f1288fa64084c0c4b2832582c2c6a923ea14cc8467e3370dc4e9d1cd51e89
41ba758ce9d1e4232736cd3b96631752158e18d61105aa2e13fd46d04b41758e
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ef787c5fad080f48b8d242a8ffd566ee34277482a6f5ad08f86703634234ad5
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
54466e88401344780e4d1eea2b0bcd7733102010ead68420d9068c66d4ba4709
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
69c0f6f1acbf4164e41d69330603980e1cf79f22805e7f8d34160a2e57e22b0f
7025d911099800ec6b8d8acc5cc18669d61e86753097885cb7646f86b249c03d
722d1d506241600936dd8a2bd82430e214405cefb4ee2496194ddedc92f0d193
72b3c44602e7bd485bc8d2a1c5b9b7fe4f71460e0f00745d28aa5c2308b4e71a
81d836850fa38af59e51922cb1ad0dec9cc0cf9b329f3c5ceac9e4c950d4c51f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8b645ee9327c9b16e06169f3470512745495e69271e4feedff14fa2c07f40521
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
aab2422ece63898adcc780934d6e91e8120bfe82f851740902f6fe5fa6fbf71e
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
b501a90a547b69e86073ce23f741e5cfd0871df304ef85f4c151fc3154082717
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
c70538b08bf83235d00d9ac2b58e8f90700747b9741ba5ac64fb315b7e623dcb
d480e4f6869fe772f8a64c20e711ec8d164ab0b6d4b4ef4b381aa088e583570e
e046e1167854936f9fc62fb249805fde9c3fd7596be420649da4bf93d1fae704
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec18793c68e14a0ba65f708cc04bfee6d38ff1f69f18efc873dfd15700197175
ecca7fd6a864c0445d3b773f6302b27d7728b2796dad5af22d15c3b090d67192
efef860044dd3d12f2e31eb49800e656e38aa66a0fc3f28f8b46dbb0a6135e2f
fa6d246b346ce3563f8a1b58e7e5bb0633f84c98f24d1c4f841eb6b0253940fe
fc215c1d07d2c3ea948176cbdba34687b4d5fdfa8776f200665e35628e68db7b