blog.paleohacks.com Open in urlscan Pro
2606:4700:10::6816:2c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.paleohacks-mailing.com/a/168/click/10037802/746255798/_aa6c42cebb5da68d1b68314cb80beeb911ca54ce/614e537bf30cbba578dbb28...
Effective URL:
https://blog.paleohacks.com/contact-us/
Submission: On July 19 via api (July 19th 2023, 8:50:44 pm UTC) from US — Scanned from DE

Summary HTTP 196 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 41 IPs in 10 countries across 36 domains to perform 196 HTTP transactions. The main IP is 2606:4700:10::6816:2c, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.paleohacks.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2023. Valid for: a year.

This is the only time blog.paleohacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 62	2606:4700:10:... 2606:4700:10::6816:2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.72.185.240 52.72.185.240	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:9b2::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:98a::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
3	2600:9000:26d... 2600:9000:26da:8000:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
4	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
2	104.18.37.231 104.18.37.231	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.144.208 172.64.144.208	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.224.132.90 13.224.132.90	16509 (AMAZON-02) (AMAZON-02)
2	18.66.188.69 18.66.188.69	16509 (AMAZON-02) (AMAZON-02)
1	104.237.62.211 104.237.62.211	18450 (WEBNX) (WEBNX)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3 10	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
17	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	52.29.162.34 52.29.162.34	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:c546:7174:9ab4:ee8d	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	35.186.241.51 35.186.241.51	15169 (GOOGLE) (GOOGLE)
196	41

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.paleohacks-mailing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 2606:4700:10::6816:2c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

blog.paleohacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.185.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-185-240.compute-1.amazonaws.com

178194.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:9b2::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:98a::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

track.mypaleorecipe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:26da:8000:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.37.231 (None, )

ASN13335 (CLOUDFLARENET, US)

paleohacks.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.144.208 (United States)

ASN13335 (CLOUDFLARENET, US)

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.132.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-132-90.lhr3.r.cloudfront.net

beacon-v2.helpscout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.188.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-188-69.muc50.r.cloudfront.net

d3hb14vkzrxvla.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.237.62.211 (El Segundo, United States)

ASN18450 (WEBNX, US)
PTR: hosted-by.racknerd.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.12 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.162.34 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-162-34.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:c546:7174:9ab4:ee8d (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.241.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	paleohacks.com 1 redirects blog.paleohacks.com	364 KB
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153 ade.googlesyndication.com — Cisco Umbrella Rank: 327	162 KB
25	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 116 cm.g.doubleclick.net — Cisco Umbrella Rank: 243 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 355	308 KB
17	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 322	5 MB
7	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2609 www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 117	2 KB
5	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 3875 paleohacks.attn.tv	43 KB
5	mypaleorecipe.com track.mypaleorecipe.com	35 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56	22 KB
5	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3576 ct.pinterest.com — Cisco Umbrella Rank: 768 log.pinterest.com — Cisco Umbrella Rank: 4608	20 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	352 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 612	3 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5665	776 B
3	helpscout.net beacon-v2.helpscout.net — Cisco Umbrella Rank: 11272	33 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4461	739 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 910	2 KB
2	cloudfront.net d3hb14vkzrxvla.cloudfront.net	7 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 830	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	162 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	84 KB
1	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 2469	373 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 588	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 461	749 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 726	578 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 900	776 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3025	104 B
1	attentivemobile.com events.attentivemobile.com — Cisco Umbrella Rank: 3627	160 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 5021	18 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2618 Failed	221 B
1	hyros.com 178194.tracking.hyros.com
1	media.net contextual.media.net — Cisco Umbrella Rank: 621	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	1 KB
1	paleohacks-mailing.com 1 redirects links.paleohacks-mailing.com — Cisco Umbrella Rank: 846227	695 B
0	Failed function sub() { [native code] }. Failed
196	36

	Domain	Requested by
62	blog.paleohacks.com	1 redirects blog.paleohacks.com track.mypaleorecipe.com
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
17	s0.2mdn.net	blog.paleohacks.com s0.2mdn.net
10	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com blog.paleohacks.com s0.2mdn.net
7	securepubads.g.doubleclick.net	blog.paleohacks.com securepubads.g.doubleclick.net
5	www.google.com	blog.paleohacks.com tpc.googlesyndication.com fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
5	track.mypaleorecipe.com	www.googletagmanager.com track.mypaleorecipe.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com blog.paleohacks.com
5	connect.facebook.net	blog.paleohacks.com connect.facebook.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google.de	blog.paleohacks.com
3	beacon-v2.helpscout.net	blog.paleohacks.com beacon-v2.helpscout.net
3	ct.pinterest.com	s.pinimg.com blog.paleohacks.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.facebook.com	blog.paleohacks.com connect.facebook.net
3	cdn.attn.tv	www.googletagmanager.com blog.paleohacks.com cdn.attn.tv
3	googleads.g.doubleclick.net	www.googletagmanager.com fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	ade.googlesyndication.com
2	googleads4.g.doubleclick.net	blog.paleohacks.com
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	d3hb14vkzrxvla.cloudfront.net	beacon-v2.helpscout.net
2	paleohacks.attn.tv	cdn.attn.tv
2	s.pinimg.com	blog.paleohacks.com s.pinimg.com
2	www.googletagmanager.com	blog.paleohacks.com www.googletagmanager.com
2	www.googletagservices.com	blog.paleohacks.com fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
1	api-js.mixpanel.com	cdn.mxpnl.com
1	dis.criteo.com	fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	log.pinterest.com	blog.paleohacks.com
1	events.attentivemobile.com	cdn.attn.tv
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.mxpnl.com	blog.paleohacks.com
1	assets.pinterest.com	blog.paleohacks.com
1	fonts.gstatic.com	fonts.googleapis.com
1	api.ipify.org	blog.paleohacks.com track.mypaleorecipe.com
1	178194.tracking.hyros.com	blog.paleohacks.com
1	contextual.media.net	blog.paleohacks.com
1	fonts.googleapis.com	blog.paleohacks.com
1	links.paleohacks-mailing.com	1 redirects
0	90f1d619-be9a-4fa0-8e2c-f0f18a8501ff Failed	blog.paleohacks.com
196	48

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
plus.google.com
www.pinterest.com
twitter.com
www.youtube.com
shop.paleohacks.com
secure.mypaleorecipe.com
paleohacks.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-28` - `2023-07-27`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
tracking.hyros.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
*.attn.tv Amazon RSA 2048 M01	`2023-05-02` - `2024-05-29`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
attentivemobile.com Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
*.helpscout.net Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.mixpanel.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://blog.paleohacks.com/contact-us/
Frame ID: BB1D343EC415BB913A34ABB75B664610
Requests: 133 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe4ca27b593494%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff228388cd111968%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: 3635EDADD55651071898AAA3994DB590
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 6C221AF912BA4FB74DBE58B926971375
Requests: 1 HTTP requests in this frame

Frame: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F3F0032BC10CF03A8EDBE4D5BDE2374F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DD5044BD6DF392098A6E9BD29EBB8A25
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 435F57EC2CF817CC1DCF60A41BCA02F1
Requests: 2 HTTP requests in this frame

Frame: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A2A64219D191D459023853D298649A8A
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNW3Hh2886o7Q4-DZ3YbsDjOENM_g_dHEVkwD2VSwltpLR6EDN8-Rtn6fMsgpU9Ba6pW6Cx6K1Ur3li-tBJJ4SBqUznsjcWY9jFvYmJOll8naFP02sUucqatq_tq2CIEdnZo3fi_ha1eagGu0YaHKNvqpqylB8Miee7klA6Td79MeckWp2Y
Frame ID: 44EFB2A3184740B4C0762ED67E56F39A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CBBFADE57E5C87EE95C27AAA3A8CEEE1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 80CAE0A452D1C717310D4D98379A0514
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250
Frame ID: 6668BAE39E6685E0AB6CB256ED54CCB3
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js
Frame ID: 54D1441402CD5D3BFBB4C3599312B239
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Contact PaleoHacksFacebookGoogle+PinterestTwitterYouTube09FacebookPinterestTwitterYouTube

Page URL History Show full URLs

https://links.paleohacks-mailing.com/a/168/click/10037802/746255798/_aa6c42cebb5da68d1b68314cb80beeb911ca54ce/614... HTTP 302
http://blog.paleohacks.com/contact-us/ HTTP 301
https://blog.paleohacks.com/contact-us/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

196
Requests

94 %
HTTPS

57 %
IPv6

36
Domains

48
Subdomains

41
IPs

10
Countries

6911 kB
Transfer

10807 kB
Size

33
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/paleohacks
Title: Facebook

Search URL Search Domain Scan URL

URL: https://plus.google.com/+Paleohacks1/posts
Title: Google+

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/paleohacks/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/paleohacks
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Paleohacks
Title: YouTube

Search URL Search Domain Scan URL

URL: https://shop.paleohacks.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://secure.mypaleorecipe.com/order/portal/download.php
Title: If you need help finding a download link for a product you purchased, click here.

Search URL Search Domain Scan URL

URL: https://secure.mypaleorecipe.com/order/portal/orders-tracking-lookup.php
Title: If you need to retrieve your orders & tracking information, click here.

Search URL Search Domain Scan URL

URL: https://secure.mypaleorecipe.com/order/portal/refund-1.php
Title: If you’d like to be issued a refund for a product you purchased, click here.

Search URL Search Domain Scan URL

URL: http://paleohacks.com/
Title: Discussion

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.paleohacks-mailing.com/a/168/click/10037802/746255798/_aa6c42cebb5da68d1b68314cb80beeb911ca54ce/614e537bf30cbba578dbb28d2c2ae8aba2eda2cf HTTP 302
http://blog.paleohacks.com/contact-us/ HTTP 301
https://blog.paleohacks.com/contact-us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO92M6AwAlurh9k1hIqnfCo&google_cver=1

Request Chain 151

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLhModCJ6AmXwwj5R5MIxgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO92M6AwAlurh9k1hIqnfCo&google_cver=1

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHEheDfmBaQyeq8z1tFhNmg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHEheDfmBaQyeq8z1tFhNmg%26google_cver%3D1

Request Chain 153

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc1OTUxMzkyMjE3NDg5MjU1OQ%3D%3D

Request Chain 165

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMDyiCcoq196_h9iEf8a-CI&google_cver=1&google_push=AaAOQGEf9pFL9zO7lEviXNeuGK7OH3KXpwoHzf_ylGjs97zuO5u1zHv3JMfT6lSmeSU0tEaLl0O-1p18kxyocYL6XUrzByWP3zOAelcasVQOc5IZgZz5qwDU0WPfsLTm-VCwWElZ3ZqC3m7GTrk HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMDyiCcoq196_h9iEf8a-CI&google_cver=1&google_push=AaAOQGEf9pFL9zO7lEviXNeuGK7OH3KXpwoHzf_ylGjs97zuO5u1zHv3JMfT6lSmeSU0tEaLl0O-1p18kxyocYL6XUrzByWP3zOAelcasVQOc5IZgZz5qwDU0WPfsLTm-VCwWElZ3ZqC3m7GTrk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MDFPSzZ0RXIxUW1lODk1&google_gid=CAESEMDyiCcoq196_h9iEf8a-CI&google_cver=1&google_push=AaAOQGEf9pFL9zO7lEviXNeuGK7OH3KXpwoHzf_ylGjs97zuO5u1zHv3JMfT6lSmeSU0tEaLl0O-1p18kxyocYL6XUrzByWP3zOAelcasVQOc5IZgZz5qwDU0WPfsLTm-VCwWElZ3ZqC3m7GTrk

Request Chain 166

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJd1xiilQmjTgGgOG74fnY4&google_cver=1&google_push=AaAOQGGtnvPdgvvsoJHmmFMxSQ4yWG_9reK-PP6-CB-RFKZz3oVZ1ndGWighueWAcX6KL3xDqKd8yl7q_Yk6TDQqhoxOJsABtySxFoMWmLhnTTyijyQafJLo_hRmVcpxJ7VgZ7iuE36bWGKMmaA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGtnvPdgvvsoJHmmFMxSQ4yWG_9reK-PP6-CB-RFKZz3oVZ1ndGWighueWAcX6KL3xDqKd8yl7q_Yk6TDQqhoxOJsABtySxFoMWmLhnTTyijyQafJLo_hRmVcpxJ7VgZ7iuE36bWGKMmaA

Request Chain 167

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFs5q_stfJIJk5RGRT9Wbis&google_cver=1&google_push=AaAOQGG714p7H2i8PoJo0-relndBEzFkuJw8rnq50pnq-MgbPoX71YZGO_2UkXcBNVSy4xieDpfzlTNmDDuZjbhk6cNxVQbZ2uS_w0lJb6-HWUw7yMqOordEwul88vIUWA-DPke5gNmwHBntvWo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFs5q_stfJIJk5RGRT9Wbis&google_push=AaAOQGG714p7H2i8PoJo0-relndBEzFkuJw8rnq50pnq-MgbPoX71YZGO_2UkXcBNVSy4xieDpfzlTNmDDuZjbhk6cNxVQbZ2uS_w0lJb6-HWUw7yMqOordEwul88vIUWA-DPke5gNmwHBntvWo

Request Chain 168

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF-HnUUOL5DdnDwEx38wj-8&google_cver=1&google_push=AaAOQGGIn3JVxC1QUwEu9OyWGwa2cbzAeNFq9iZF9Mm4UC_j62bd9QbEuq_t-GbI_lYWO6yoIh_qEYrMvgxrm4GwOan4mt4hQmpOKSAwlX89dQcwdLRxWomJlhoaH_PV_nukPNDM1-Yde54K1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGGIn3JVxC1QUwEu9OyWGwa2cbzAeNFq9iZF9Mm4UC_j62bd9QbEuq_t-GbI_lYWO6yoIh_qEYrMvgxrm4GwOan4mt4hQmpOKSAwlX89dQcwdLRxWomJlhoaH_PV_nukPNDM1-Yde54K1w&google_hm=eS1CNGQueXZoRTJwSFFuUUp4ckp0WXNTTnJMTGliSUxpYX5B

Request Chain 169

https://d5p.de17a.com/cookies/google?google_gid=CAESEG9OABlzphmEvrebzc-zmIA&google_cver=1&google_push=AaAOQGHNGk7jGCa1hUjw5MiR6Xn-kIy4i_5dng8yLbP9BRubE4DJeY2yMR9h2g8ScF-U9BL_8z3tIPUza7HcyDzvNB0Ro4u5uruFmKDBZB5WCS5S2ZmhkHSQiGjsEE2tckCUCYgVi2sNbb7VMA HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEG9OABlzphmEvrebzc-zmIA&google_cver=1&google_push=AaAOQGHNGk7jGCa1hUjw5MiR6Xn-kIy4i_5dng8yLbP9BRubE4DJeY2yMR9h2g8ScF-U9BL_8z3tIPUza7HcyDzvNB0Ro4u5uruFmKDBZB5WCS5S2ZmhkHSQiGjsEE2tckCUCYgVi2sNbb7VMA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHNGk7jGCa1hUjw5MiR6Xn-kIy4i_5dng8yLbP9BRubE4DJeY2yMR9h2g8ScF-U9BL_8z3tIPUza7HcyDzvNB0Ro4u5uruFmKDBZB5WCS5S2ZmhkHSQiGjsEE2tckCUCYgVi2sNbb7VMA

196 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blog.paleohacks.com/contact-us/
Redirect Chain

https://links.paleohacks-mailing.com/a/168/click/10037802/746255798/_aa6c42cebb5da68d1b68314cb80beeb911ca54ce/614e537bf30cbba578dbb28d2c2ae8aba2eda2cf
http://blog.paleohacks.com/contact-us/
https://blog.paleohacks.com/contact-us/

108 KB
24 KB

755ms
670ms

Document
text/html

2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.23
Resource Hash: 17261e1e24b36f491b475535ae6a936355583b54a19f0fd6d4d897f7d4f702a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7e95d67119c619ad-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 19 Jul 2023 20:50:36 GMT
expires: Wed, 19 Jul 2023 20:50:36 GMT
last-modified: Wed, 19 Jul 2023 10:40:05 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.3.23

Redirect headers

CF-RAY: 7e95d6704ea81b9f-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 19 Jul 2023 20:50:36 GMT
Expires: Wed, 19 Jul 2023 21:50:36 GMT
Location: https://blog.paleohacks.com/contact-us/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookie-popup.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 0
189 B 51ms
50ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/cookie-popup.min.css?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 330250
etag: "60d1dffd-0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7e95d6755fe819ad-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Tue, 15 Aug 2023 01:06:27 GMT

GET
H2 200 dashicons.min.css
blog.paleohacks.com/wp-content/cache/min/1/wp-includes/css/ 58 KB
35 KB 69ms
67ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-includes/css/dashicons.min.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82fb2bfb03e32e45794938d1f65920a5340a725751292245d3de07ee8a8df0a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 2010716
etag: W/"643966cb-e6e4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d6755fec19ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jul 2023 14:18:41 GMT

GET
H2 200 style.min.css
blog.paleohacks.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 52ms
50ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:09:15 GMT
server: cloudflare
age: 330250
etag: W/"5f7cc0db-d293"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d6755fef19ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 01:06:27 GMT

GET
H2 200 style.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 187 KB
17 KB 63ms
61ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/style.min.css?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 2133178
etag: W/"60d1dffd-2ea5c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d6755ff119ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 04:17:39 GMT

GET
H2 200 font-awesome.min.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/ 31 KB
7 KB 56ms
54ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 339a321657ecb6479c45f7cec906302d7674934d0d2c7ae10053c395d866eca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 2014239
etag: W/"643966cb-7b13"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d6755ff319ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jul 2023 13:19:58 GMT

GET
H2 200 fonts.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/ 3 KB
384 B 57ms
56ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c4491ff4342be2c096f05e243edd6fb1f26194269a5011adbf8076bf148bf58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 2010716
etag: W/"643966cb-a81"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d6756ff519ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jul 2023 14:18:41 GMT

GET
H2 200 front.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/css/ 729 B
352 B 54ms
52ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/css/front.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c9fe2628c371c8c54d05fa9dd406fc21a6d25f6d0261092e37243205efc639b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 2010716
etag: W/"643966cb-2d9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d6756ff619ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jul 2023 14:18:41 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/css/ 2 KB
824 B 69ms
67ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/css/style.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3c230ff5a72ffe0510f19977e0736c7370056def5536e94085875756675ea84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 528658
cf-polished: origSize=2221
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
etag: W/"643966cb-8ad"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d6756ff719ad-FRA
expires: Sat, 12 Aug 2023 17:59:39 GMT

GET
H2 200 twitter-feed.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/wp-to-twitter/css/ 1 KB
537 B 55ms
53ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344d96950041cacaaa662fd937221ead75dbc7d565d7e0ed7bd62e6a65d85c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 2010716
cf-polished: origSize=1466
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
etag: W/"643966cb-5ba"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d6756ff819ad-FRA
expires: Wed, 26 Jul 2023 14:18:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 142ms
52ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0&display=swap

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

896b044a707a1efded250dc66dee47b0cf24ec64beb0fb3f6a5c9be70c80a539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 20:50:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jul 2023 20:50:37 GMT

GET
H2 200 mai-theme.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 74 KB
14 KB 58ms
56ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/mai-theme.min.css?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 2173909
etag: W/"606c5cdc-1264a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d6756ffa19ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 16:58:47 GMT

GET
H2 200 flexington.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 93 KB
8 KB 104ms
102ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/flexington.min.css?ver=2.5.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 1571089
etag: W/"606c5cdc-174c5"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d675984c19ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 31 Jul 2023 16:25:48 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/simple-social-icons/css/ 1 KB
476 B 95ms
93ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/simple-social-icons/css/style.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 528658
cf-polished: origSize=1055
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-41f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d675984d19ad-FRA
expires: Sat, 12 Aug 2023 17:59:39 GMT

GET
H2 200 jquery-ui.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 43 KB
8 KB 95ms
94ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/jquery-ui.min.css?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 330250
etag: W/"60d1dffd-ac08"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d675985019ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 01:06:27 GMT

GET
H2 200 formreset.min.css
blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/ 4 KB
496 B 95ms
93ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.5.5.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:39 GMT
server: cloudflare
age: 43315
etag: W/"60d1e023-f14"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d675985119ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 18 Aug 2023 08:48:42 GMT

GET
H2 200 formsmain.min.css
blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/ 78 KB
13 KB 115ms
114ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.5.5.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b7e03d96b7488534a42f105301448c6b44acc3309f0c28c9a7920542eeaa9d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:39 GMT
server: cloudflare
age: 302149
etag: W/"60d1e023-139fc"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d675985219ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 08:54:47 GMT

GET
H2 200 readyclass.min.css
blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/ 30 KB
3 KB 95ms
94ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.5.5.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e74d79ea7ff2237e976687dbf185cb576b4fa4f2fa04647f611820dfff67268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:39 GMT
server: cloudflare
age: 43315
etag: W/"60d1e023-77fc"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d675985619ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 18 Aug 2023 08:48:42 GMT

GET
H2 200 browsers.min.css
blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/ 9 KB
1 KB 103ms
103ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.5.5.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 696518bd8dfc4146f7ddf61031068a38b84e326a0059e67038a3b61db40efb6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:39 GMT
server: cloudflare
age: 302150
etag: W/"60d1e023-22ab"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d675985819ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 08:54:47 GMT

GET
H2 200 sspop.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/css/ 3 KB
1 KB 95ms
94ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/css/sspop.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 2014239
cf-polished: origSize=3500
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-dac"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d675985919ad-FRA
expires: Wed, 26 Jul 2023 13:19:58 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/themes/paleohacks/ 22 KB
5 KB 103ms
103ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/themes/paleohacks/style.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b51d8339e2e6ed036a3564bb0a3a4043b8ef5f772763ff4f4f4b92f54d2ddfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 2396940
cf-polished: origSize=22749
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-58dd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e95d675985a19ad-FRA
expires: Sat, 22 Jul 2023 03:01:37 GMT

GET
H2 200 jquery.js Show response
blog.paleohacks.com/wp-includes/js/jquery/ 95 KB
34 KB 104ms
103ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 23 Aug 2019 16:00:11 GMT
server: cloudflare
age: 521382
cf-polished: origSize=96873
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d675985e19ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 20 Jul 2023 20:00:55 GMT

GET
H3 200 service-facebook-pixel.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 53 B
330 B 56ms
56ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/service-facebook-pixel.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b831509c9907934028f980287d38cbee3b89644e7133c2f4b8b7c5dfca476aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 444710
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f599274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 17:18:47 GMT

GET
H3 200 634.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/856/public/assets/js/ 11 KB
4 KB 98ms
92ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/856/public/assets/js/634.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7dfd098effc4b854d5fcf8e7d2e39d0cc0e6a103642f97d724c438e515b9b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 435118
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f619274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 19:58:39 GMT

GET
H3 200 gtm4wp-form-move-tracker.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
536 B 99ms
93ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0380b273ec272e5f5235a704cc3fc8e3cb33e851bfeaef149b0f23a1edaec13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 465672
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f639274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 11:29:25 GMT

GET
H3 200 675.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/assets/ 5 KB
2 KB 99ms
93ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/assets/675.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c62d51aaf287fa88754ecf89dbca0cd85f151d2562a6f931afd060480b3adc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 439248
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f669274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 18:49:49 GMT

GET
H3 200 svgxuse.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/simple-social-icons/ 4 KB
2 KB 99ms
94ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5af66875dcaa4376a37580dec17528f5c1348d104a3a7b949ab7228f942f73c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 439248
cf-polished: origSize=3843
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f679274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 18:49:49 GMT

GET
H3 200 cookie-list.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 910 B
648 B 100ms
94ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-list.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182d05c838e393157143b9aa48ae92cb00c8b6442e0a865149444e9f420991d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 439248
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f689274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 18:49:49 GMT

GET
H3 200 653.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/ 90 KB
27 KB 59ms
54ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72ee83d94662d5c74646c88116b893ed59e98d9ec960433ab0e66f3481517289

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 439248
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f6a9274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 18:49:49 GMT

GET
H3 200 jquery.json.min.js Show response
blog.paleohacks.com/wp-content/plugins/gravityforms/js/ 2 KB
1 KB 515ms
509ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.5.5.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Jun 2021 13:05:39 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f6b9274-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jul 2023 20:50:37 GMT

GET
H3 200 gravityforms.min.js Show response
blog.paleohacks.com/wp-content/plugins/gravityforms/js/ 45 KB
14 KB 137ms
132ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.5.5.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 833a47a0bb64a6d5647c22b94732cfd1baee4025b10d2cc0ad8b100e54f6da7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:39 GMT
server: cloudflare
age: 301271
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f6c9274-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jul 2023 09:09:26 GMT

GET
H3 200 dtag.js Show response
blog.paleohacks.com/wp-content/cache/min/1/paleohacks/ 3 KB
2 KB 58ms
52ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/paleohacks/dtag.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e5d5ef6607f115fb2745bb10dbbf0866820e13c3a1b90c87a3eddef3758d232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 439248
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f6d9274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 18:49:49 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 127ms
39ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

58133b0712cf520d51f84567083708af639db55e732a248248cb9aff2d79b97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Jul 2023 20:50:37 GMT
content-md5: Y5JpRMfdm9cEjyz6WJpQnA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: Wo/zb/8dUJlNkMulhSFTZY9Za5Q02ncMzdqnM9Opl9Thw0ID98GQzT19S7tlEjEg7bueOsy7CSqNSMN6PidDEw==
x-fb-content-md5: 3ec4abf7b7d62fe8b46dfaafe4b76466
cross-origin-opener-policy: same-origin-allow-popups
etag: "3099e24aa5b320d72ebcca4172c4e4af"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 19 Jul 2023 20:54:30 GMT

GET
H3 200 gpt.js Show response
blog.paleohacks.com/wp-content/cache/min/1/tag/js/ 78 KB
27 KB 138ms
133ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23bdea452f4ec5b686ace95399e60903426e9fa7352600c25b040f07c1eef325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:29 GMT
server: cloudflare
age: 284685
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f6e9274-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jul 2023 13:45:52 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 102 KB
38 KB 273ms
167ms Script
text/javascript 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUG3G308

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a30393da4743fa0ca3d93c14e3592728009fd1c7c531c1281b7877caa7fed1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-mnt-h: 21-gzkn
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 19 Jul 2023 20:50:37 GMT
server: Apache
etag: "ddfeba237dbf2e9691ebcff29ae624f8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-ks67
timing-allow-origin: *
content-length: 38735
expires: Wed, 19 Jul 2023 20:55:37 GMT

GET app.js
90f1d619-be9a-4fa0-8e2c-f0f18a8501ff/js/ 0
0

GET
H3 200 pinit.js Show response
blog.paleohacks.com/wp-content/cache/min/1/js/ 360 B
467 B 163ms
157ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/js/pinit.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b99d80835f66e8ccd6d6f6efec14101447ae061febd873c06f0bef9ba50786c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 440377
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f709274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 18:31:00 GMT

GET
H3 200 cookie-popup.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 14 KB
3 KB 176ms
171ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-popup.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6102f07ce192d8f1e61b0a2e449a916e5d4d240dc47ab993fa1b39a5cdbcd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 465672
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f719274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 11:29:25 GMT

GET
H3 200 jquery.base64.min.js Show response
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 2 KB
928 B 176ms
171ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/jquery.base64.min.js?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 529103
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f759274-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 20 Jul 2023 17:52:14 GMT

GET
H3 200 front.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/js/ 259 B
411 B 176ms
171ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/js/front.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ede43b2ddb8f3b09a9062582da8619e3ade3da54e8e20c089848328488f0530a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 440377
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f769274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 18:31:00 GMT

GET
H3 200 popup.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/js/ 2 KB
951 B 177ms
172ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/js/popup.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f34b136e79d860a61095e1596b6a8a39b38c73d8bf4449daf6968d90386338c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 497046
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f789274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 02:46:31 GMT

GET
H3 200 556.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/578/public/assets/js/ 4 KB
1 KB 177ms
172ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/578/public/assets/js/556.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd37e2cd931803994ea8f76c16d3d81aa0aa6d6488a049df19c78a078043c8bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 465672
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f799274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 11:29:25 GMT

GET
H3 200 comment-reply.min.js Show response
blog.paleohacks.com/wp-includes/js/ 3 KB
1 KB 57ms
52ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/comment-reply.min.js?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 11:54:45 GMT
server: cloudflare
age: 51065
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f7b9274-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jul 2023 06:39:32 GMT

GET
H3 200 hoverIntent.min.js Show response
blog.paleohacks.com/wp-includes/js/ 1 KB
716 B 177ms
172ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 11:54:45 GMT
server: cloudflare
age: 145733
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f7d9274-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 04:21:44 GMT

GET
H3 200 superfish.min.js Show response
blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/ 4 KB
2 KB 177ms
173ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:10:24 GMT
server: cloudflare
age: 137120
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f819274-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 06:45:17 GMT

GET
H3 200 skip-links.min.js Show response
blog.paleohacks.com/wp-content/themes/genesis/lib/js/ 386 B
442 B 178ms
173ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.3
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:10:24 GMT
server: cloudflare
age: 506439
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f829274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 00:09:58 GMT

GET
H3 200 mai-theme.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 10 KB
3 KB 178ms
173ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-theme.min.js?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 506439
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f879274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 00:09:58 GMT

GET
H3 200 basic-scroll.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 10 KB
3 KB 178ms
174ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/basic-scroll.min.js?ver=3.0.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 137120
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f8a9274-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 06:45:17 GMT

GET
H3 200 mai-scroll.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 4 KB
1 KB 179ms
174ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-scroll.min.js?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 506439
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f8c9274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 00:09:58 GMT

GET
H3 200 fitvids.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 2 KB
950 B 179ms
174ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids.min.js?ver=1.2.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 506439
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f8d9274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 00:09:58 GMT

GET
H3 200 fitvids-init.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 68 B
283 B 179ms
175ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids-init.min.js?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 506439
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f8f9274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 00:09:58 GMT

GET
H2 200 wp-polyfill.min.js Show response
blog.paleohacks.com/wp-includes/js/dist/vendor/ 97 KB
34 KB 689ms
688ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Oct 2020 19:09:15 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d675985f19ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jul 2023 20:50:37 GMT

GET
H3 200 dom-ready.min.js Show response
blog.paleohacks.com/wp-includes/js/dist/ 1 KB
803 B 529ms
524ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/dist/dom-ready.min.js?ver=93db39f6fe07a70cb9217310bec0a531
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4213eba6c464b3ca6fc71c748e2ba99f63f7f0b624199fd44127da67e40a3003

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Sep 2021 11:54:45 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f909274-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jul 2023 20:50:37 GMT

GET
H2 200 i18n.min.js Show response
blog.paleohacks.com/wp-includes/js/dist/ 9 KB
4 KB 102ms
102ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/dist/i18n.min.js?ver=4ab02c8fd541b8cfb8952fe260d21f16
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb94dccf2419dd78e21ecaba757fed0df6f51de96a941b02e7e10c5f12d3d360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Sep 2021 11:54:45 GMT
server: cloudflare
age: 302149
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d675986119ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jul 2023 08:54:48 GMT

GET
H3 200 a11y.min.js Show response
blog.paleohacks.com/wp-includes/js/dist/ 3 KB
1 KB 179ms
175ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/dist/a11y.min.js?ver=f23e5b9c6e4214e0ec04d318a7c9f898
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc22b03cd2b5ae6dd2e8a557783fcad0f14d939e7eb8be2128dc3a75483087ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Sep 2021 11:54:45 GMT
server: cloudflare
age: 92701
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f949274-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 19:05:35 GMT

GET
H3 200 sdk.js Show response
blog.paleohacks.com/wp-content/cache/min/1/en_US/ 2 KB
1 KB 179ms
175ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/en_US/sdk.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0943b32c80a724a40de925f3fa31c502829263cf2ebd090d3606cdbd0b32ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 440377
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f959274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 18:31:00 GMT

GET
H3 200 sspop.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ 3 KB
1 KB 179ms
175ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/sspop.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2681704b7a1a7233c8030f22511b5598fa4b03ba2c3a19e8689b4c4ec75a080e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 482683
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f969274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 06:45:54 GMT

GET
H3 200 ea-share-count-support.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ 3 KB
1 KB 179ms
175ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ea-share-count-support.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e2bf21ab87ae83d5a2cb0f9ae0373e8eeb2ed0b7fb86ef8b4165a4bd381cf93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 465672
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f979274-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 11:29:25 GMT

GET
H3 200 lazyload.min.js Show response
blog.paleohacks.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 179ms
175ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:07:28 GMT
server: cloudflare
age: 218044
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e95d6764f989274-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 08:16:33 GMT

GET
H2 200 universal-script Show response
178194.tracking.hyros.com/v1/lst/ 0
0 381ms
119ms Script
text/javascript 52.72.185.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://178194.tracking.hyros.com/v1/lst/universal-script?ph=be1460aad6057c7a1655c8e1f69701db974993aa8c5a8087d36bd921dbbd93db&tag=!tracking
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.185.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-185-240.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 125ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e22de2f3daa81640b661557e04b0078e450dca1b4ac96005d657c6bc2f3ec28

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Jul 2023 20:50:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46993
x-xss-protection: 0
pragma: public
x-fb-debug: fd8/0o/b1VChOLw/a5pcuTC7wNqvjLTyeyc4+1SdVhzeQyjg0yWr1D1FL/9ECERxzcAezqMjzNawPg8/N9OM0w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 211ms
119ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

634062706d04faaaffdd25d85147bfcc2b252e096cfad7ec3b8ae7b1e52296fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27574
x-xss-protection: 0
server: cafe
etag: 784 / 19557 / 31076240 / config-hash: 1636169572614523722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 20:50:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
82 KB 151ms
58ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa695c44d39a9c3e4974ca59e09edd0dc507469d9522cf31165f87d45c1dc68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83525
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 19:24:07 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Jul 2023 20:50:37 GMT

GET
H3 200 symbol-defs.svg
blog.paleohacks.com/wp-content/plugins/simple-social-icons/ 19 KB
8 KB 181ms
177ms Other
image/svg+xml 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/simple-social-icons/symbol-defs.svg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 May 2020 13:04:10 GMT
server: cloudflare
age: 1952826
etag: W/"5ebd41ca-4b81"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
cf-ray: 7e95d6764f999274-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 27 Jul 2023 06:23:31 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00b2af963104a4dd04e77c1013957d37b0b43c86ba566301e77ab9a3e015280a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ed2cc414480e507b884d3c2faefa876fef943440c9d260933eebaf781ac4d87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73b749b1f5bc98174ea385921e3f5b1ad518875088115f30c90807560cc202f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS /
api.ipify.org/ Frame 0
0

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87287076f288a27750d0c3737c4624bd59357c5b638cdf3f27f1763d85cd4a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET /
api.ipify.org/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 128ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 419333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 00:21:44 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=bed2b69a1bb833984c155241a7931ae8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

148b72e9450623cd1e23e795db2e6a991a4f6ce8c64fe999d4833a6f10fd971e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Jul 2023 20:50:37 GMT
content-md5: TwKX9DwVoyW+Ub4Af8MWDw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88707
x-fb-debug: e3CkOK6Vgpeqk+zBR9KzGqXhWrgAmNJZWjH3LAGA95qYocsWpJR1oAVpgX37AECmU/aPbOg2IzLgEp31dpI8UQ==
x-fb-content-md5: 89ec238c487dd5f8008532dc4d344b3f
cross-origin-opener-policy: same-origin-allow-popups
etag: "fbb2cd5e7ecb94566391302b2bdbc1f6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 18 Jul 2024 20:14:29 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/ 399 KB
124 KB 131ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d1a754922199186d43c7e76757eddaeb26e350387294e0f69ac574bc54914f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 18:03:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10042
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126556
x-xss-protection: 0
server: cafe
etag: 15138777047932052885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 18:03:15 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 76 B
604 B 164ms
74ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blog.paleohacks.com

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fcc89ee1dcff30a72b389ba5afdc255829e83db910b0b1f3351af881f83c5ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
x-xss-protection: 0
expires: Wed, 19 Jul 2023 20:50:37 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 203ms
41ms Script
application/javascript 2a02:26f0:480:9b2::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.2726170088328237
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/js/pinit.js?ver=1681483470
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9b2::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=168
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 18679

GET
H2 200 1143227772537202 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 107ms
107ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1143227772537202?v=2.9.115&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ce42c615aceae9800c058e8682c78f53614419b465b6fdc51c8e146b4b37b253

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Jul 2023 20:50:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: wVDzo7jjb6eDsm4fHPvKd/JnkZjDxp1us3DUEVA0y712RRLxmQSMesB9bkXhiY0KIU+8k6knADZzsLSP/TYF0w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/ 3 KB
2 KB 168ms
79ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/?random=1689799837414&cv=11&fst=1689799837414&bg=ffffff&guid=ON&async=1&gtm=45He37h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&hn=www.googleadservices.com&frm=0&tiba=Contact%20PaleoHacks&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90bacfc71a649080e024d4eaed45ad2ba74f7154e2d73ec16ad5e87ed5a3d0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Jul 2023 20:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 918
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 19 Jul 2023 22:35:19 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 186ms
65ms Script
application/javascript 2a02:26f0:480:98a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:98a::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 682b27e54462f82c7d74362de52e2aa29a0a0fa5edc381d664970eb94470fc5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "b890a703adcb559f5e5d300aa7e4294f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1466

GET
H2 200 jquery-3.5.1.min.js Show response
track.mypaleorecipe.com/js/ 87 KB
32 KB 145ms
49ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Nov 2021 03:31:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6140
etag: W/"15d86-5d052be3dfc43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvkNokDs8%2BwTWv%2B2yDOQFmYSaBFAe8Tle5rdGc77LUjDP0sHMkGw7aUKOaBuE51pJc5EFK1pEaYp1n8hndHLKCTrgxNk9JXinVXgDUtkol9xK%2F6Hc1UrvNrCljxHA3Cy6zMXCt0UWqz3bIGHmWGah%2FAbW%2BmdjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e95d6789fe0910a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 52 KB
18 KB 130ms
42ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:23:39 GMT
content-encoding: gzip
age: 16018
x-guploader-uploadid: ADPycdvu_PcIYjKCawdKjHPZhoSRhaRS8NQsEvoBoA-nPOrSKnWmsQoIX3Jyol1MkWmlwPZA4f3z-6y9I-XHSejT6tsPbg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17969
last-modified: Fri, 05 May 2023 17:33:19 GMT
server: UploadServer
etag: "6eb612a000fc103e2769e576a68fc412"
vary: Accept-Encoding
x-goog-generation: 1683307999305716
x-goog-hash: crc32c=6XUl6A==, md5=brYSoAD8ED4naeV2po/EEg==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=86400
x-goog-stored-content-length: 17969
accept-ranges: bytes
expires: Thu, 20 Jul 2023 16:23:39 GMT

GET
H2 200 dtag.js Show response
cdn.attn.tv/paleohacks/ 3 KB
2 KB 1392ms
1294ms Script
text/javascript 2600:9000:26da:8000:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/paleohacks/dtag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:8000:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: Y4H_bTaFBWRi9GimSEzzR9Px4JwIrNub
content-encoding: gzip
via: 1.1 0cf0bde9f9a6be1798d8b39249b30bc4.cloudfront.net (CloudFront)
date: Wed, 19 Jul 2023 20:50:39 GMT
last-modified: Wed, 08 Feb 2023 20:56:10 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
etag: W/"d943f1634cc781ba4142fc11b4ba2cd4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=120
x-amz-replication-status: COMPLETED
x-amz-cf-id: ZpmTJi7Dc5kIOx-6hoqMj0BCNCs_-LE67YJxbru_tYNMAfDfvxaAIA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44918679259de2afdf9b998ff76ab2b5ab545931c176a48a0eb0fc0534dd2288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81468
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jul 2023 20:50:37 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 122ms
39ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=510626776365517&ev=fb_page_view&dl=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&rl=&if=false&ts=1689799837449&sw=1600&sh=1200&at=

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 19 Jul 2023 20:50:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 134ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QMKQQWEFHC&gtm=45je37h0&_p=781708415&_gaz=1&cid=221760506.1689799838&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689799837&sct=1&seg=0&dl=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&dt=Contact%20PaleoHacks&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 147ms
49ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QMKQQWEFHC&cid=221760506.1689799838&gtm=45je37h0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 151ms
64ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QMKQQWEFHC&cid=221760506.1689799838&gtm=45je37h0&aip=1&z=38308675

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 405752247076167 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 102ms
102ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/405752247076167?v=2.9.115&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

679a1fcf545ea5d1a751b5a0fc4be99f73f4f2ee22fbfb3f0a90fdf6684b49fd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Jul 2023 20:50:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 0O+ieU5EGRd4OyI0CH/pSNqSk+9EkcXO5i6FCDtMm4YOigprayAyL+uWDwv3QEAvCOvIHSkG36e55XlZKHruCg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 40ms
39ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1143227772537202&ev=PageView&dl=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&rl=&if=false&ts=1689799837551&sw=1600&sh=1200&v=2.9.115&r=stable&ec=0&o=30&fbp=fb.1.1689799837549.539459098&cs_est=true&it=1689799837372&coo=false&rqm=GET

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 19 Jul 2023 20:50:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Jul 2023 21:33:22 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 47ms
47ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=781708415&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&ul=en-us&de=UTF-8&dt=Contact%20PaleoHacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEAjAAAAACAAI~&jid=1283480381&gjid=1344361887&cid=221760506.1689799838&tid=UA-42752472-1&_gid=1563726620.1689799838&_r=1&_slc=1&gtm=45He37h0n81TJTDCJG&cd1=uncategorized&cd2=February%2028%2C%202013&cd3=PaleoHacks%20Team&z=779136587

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/955239029/ 42 B
455 B 145ms
51ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/955239029/?random=1689799837414&cv=11&fst=1689796800000&bg=ffffff&guid=ON&async=1&gtm=45He37h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&frm=0&tiba=Contact%20PaleoHacks&fmt=3&is_vtc=1&random=125579992&rmt_tld=0&ipr=y

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/955239029/ 42 B
455 B 89ms
53ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/955239029/?random=1689799837414&cv=11&fst=1689796800000&bg=ffffff&guid=ON&async=1&gtm=45He37h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&frm=0&tiba=Contact%20PaleoHacks&fmt=3&is_vtc=1&random=125579992&rmt_tld=1&ipr=y

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.cookie.js Show response
track.mypaleorecipe.com/js/ 2 KB
1 KB 48ms
47ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/jquery.cookie.js?v=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6139
cf-polished: origSize=3254
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 09 Nov 2021 03:31:23 GMT
server: cloudflare
etag: W/"cb6-5d052be67bb4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6uiVKqPujUGLwaJDLy5TK7TA3JFsEdL%2B2j2%2FqpHBOSah7kTcm233k%2FlqblHD9df%2FGerIQYUzFlpWpKW939oQ14OUhr2eBdNbo0Zrk2BqbTo80xUShk%2BjKChDQ65hPq6L31hqrc%2F0s7fYiswTWS8tc1mfZaDDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e95d6792859910a-FRA

GET
H2 200 main.bd3e0b05.js Show response
s.pinimg.com/ct/lib/ 63 KB
18 KB 41ms
41ms Script
application/javascript 2a02:26f0:480:98a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:98a::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ab6456ef0246f3d40fdb403bd81fed03ba17c7541266b465f06cc32f86649a73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "6dcfe4ec85689b22c849d9ef7f4b6487"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18133

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 47ms
47ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=781708415&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&ul=en-us&de=UTF-8&dt=Contact%20PaleoHacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEAjBAAAACAAI~&jid=1839837175&gjid=89161178&cid=221760506.1689799838&tid=UA-81910700-1&_gid=1563726620.1689799838&_slc=1&gtm=45He37h0n81TJTDCJG&z=1038447174

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 86ms
47ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-81910700-1&cid=221760506.1689799838&jid=1839837175&gjid=89161178&_gid=1563726620.1689799838&_u=aCDAiEAjBAAAAGAAI~&z=1632583955

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 19 Jul 2023 20:50:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 77ms
48ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42752472-1&cid=221760506.1689799838&jid=1283480381&gjid=1344361887&_gid=1563726620.1689799838&_u=YADAAEAiAAAAACAAI~&z=2115862468

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 19 Jul 2023 20:50:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 568 B
617 B 192ms
67ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2615989242318&cb=1689799837672&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pin-unauth: dWlkPU9UWmhaV0l3Wm1FdFlqbGtNQzAwTXpOakxUZzNNVGd0TXpNMFpUUTRaVGMwWXpaag
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Wed, 19 Jul 2023 20:50:37 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1063523808557842
content-length: 385
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
247 B 190ms
66ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2615989242318&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22bd3e0b05%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1689799837673
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:37 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 4690089190881034
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 66ms
65ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-81910700-1&cid=221760506.1689799838&jid=1839837175&_u=aCDAiEAjBAAAAGAAI~&z=1554929521

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 65ms
65ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-81910700-1&cid=221760506.1689799838&jid=1839837175&_u=aCDAiEAjBAAAAGAAI~&z=1554929521

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 65ms
65ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42752472-1&cid=221760506.1689799838&jid=1283480381&_u=YADAAEAiAAAAACAAI~&z=857979706

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 64ms
64ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42752472-1&cid=221760506.1689799838&jid=1283480381&_u=YADAAEAiAAAAACAAI~&z=857979706

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 unified-tag.js Show response
cdn.attn.tv/tag/4-latest/ 120 KB
41 KB 46ms
45ms Script
application/javascript 2600:9000:26da:8000:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/paleohacks/dtag.js?ver=1681483468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:8000:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 702e454db68e51f654a1d78a03fa706a9f0c10bc3d198493ce2ae741d0889baa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: u8hhyyowUgAAW_hHPKd7xRepWss_KUhe
content-encoding: gzip
via: 1.1 0cf0bde9f9a6be1798d8b39249b30bc4.cloudfront.net (CloudFront)
date: Wed, 19 Jul 2023 20:48:25 GMT
x-amz-cf-pop: MUC50-P4
age: 137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 17 Jul 2023 17:39:39 GMT
server: AmazonS3
etag: W/"03f7f757d404e9af36fd42f75d1df010"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
x-amz-cf-id: 4DWpSQAGGXe61kMNecbdQFtqITaV0IHXAQSxRtFY_V4WtGbAy7Up4w==

POST
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 10 KB
2 KB 1249ms
1248ms XHR
application/json 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php

Requested by

Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

3482405bf8580b1a680bd75e09d9ae7e56c9d11794565e540bf2a913008f5a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.paleohacks.com/contact-us/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 19 Jul 2023 20:50:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.3.23
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/json; charset: utf-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 7e95d67a1b1e9274-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 like.php Show response
www.facebook.com/v4.0/plugins/ Frame 3635 0
1 KB 69ms
69ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe4ca27b593494%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff228388cd111968%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=bed2b69a1bb833984c155241a7931ae8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 19 Jul 2023 20:50:37 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: tuJsbO8snFX/+zrL8zAP4gz0/eAkMkAxxq97zMJfq19wDi+jZ0/fML5yrTxAtTnMFobWmo0HD7ucU1MnwLFpKA==
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=781708415&t=event&ni=Yes&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&ul=en-us&de=UTF-8&dt=Contact%20PaleoHacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=leadbox&ea=show&el=Contact%20PaleoHacks&_u=aCDACEAjBAAAAGAAI~&jid=&gjid=&cid=221760506.1689799838&tid=UA-42752472-1&_gid=1563726620.1689799838&gtm=45He37h0n81TJTDCJG&z=1318087480

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 14:34:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22568
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.png
blog.paleohacks.com/wp-content/uploads/2015/10/ 2 KB
2 KB 53ms
52ms Image
image/webp 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/10/logo.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
cf-cache-status: HIT
age: 2358868
cf-polished: origFmt=png, origSize=1719
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1536
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:35:00 GMT
server: cloudflare
etag: "5dc6eab4-6b7"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7e95d67a4b459274-FRA
expires: Sat, 22 Jul 2023 13:36:09 GMT

GET
H3 200 cookbook-opt-in1.jpg
blog.paleohacks.com/wp-content/uploads/2015/08/ 15 KB
15 KB 51ms
50ms Image
image/webp 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/08/cookbook-opt-in1.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
cf-cache-status: HIT
age: 2343003
cf-polished: qual=85, origFmt=jpeg, origSize=19662
content-disposition: inline; filename="cookbook-opt-in1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15536
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:20:14 GMT
server: cloudflare
etag: "5dc6e73e-4cce"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7e95d67a4b469274-FRA
expires: Sat, 22 Jul 2023 18:00:34 GMT

GET
H3 200 beginners-book-143x150.png
blog.paleohacks.com/wp-content/uploads/2018/06/ 8 KB
9 KB 51ms
51ms Image
image/webp 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/06/beginners-book-143x150.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/contact-us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:37 GMT
cf-cache-status: HIT
age: 2420256
cf-polished: origFmt=png, origSize=9206
content-disposition: inline; filename="beginners-book-143x150.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8628
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Nov 2019 01:55:00 GMT
server: cloudflare
etag: "5dc76df4-23f6"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7e95d67a4b489274-FRA
expires: Fri, 21 Jul 2023 20:33:01 GMT

GET
H2 200 / Show response
paleohacks.attn.tv/d/ 5 B
257 B 529ms
408ms Fetch
application/json 104.18.37.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.attn.tv/d/?attn_vid=95b9efd6ddcc4a4e97ec31d9e1246b00
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
cf-ray: 7e95d67b4d50bbd3-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 e
events.attentivemobile.com/ 0
160 B 245ms
146ms Ping
text/plain 172.64.144.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.24.1_badfefacda&pd=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&u=95b9efd6ddcc4a4e97ec31d9e1246b00&c=paleohacks&ceid=UsU&lt=1689799837823&tag=modern&cs=2645033209&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1689799837828
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain;charset=UTF-8
x-envoy-upstream-service-time: 4
cf-ray: 7e95d67b283a4d95-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 paleohacks.attn.tv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ 0
384 B 427ms
426ms Script
text/javascript 2600:9000:26da:8000:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/paleohacks.attn.tv.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:8000:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via: 1.1 0cf0bde9f9a6be1798d8b39249b30bc4.cloudfront.net (CloudFront)
date: Wed, 19 Jul 2023 12:02:02 GMT
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 51280
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 3pKz772FzcfqiWL4lNxTpqaDlTM2CkJQ8Vbh_hFHlcqfgBdA7l88qQ==

POST
H2 204 unrenderedCreative
paleohacks.attn.tv/ 0
0 412ms
412ms Fetch 104.18.37.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.attn.tv/unrenderedCreative?v=4.24.1&r=&id=95b9efd6ddcc4a4e97ec31d9e1246b00&pv=1&l=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&w=1600&h=1200&ss_ref=ORGANIC&m=marketing&m=live-sms&m=backInStock&f=2
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jul 2023 20:50:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 16
cf-ray: 7e95d67d38dbbbd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
log.pinterest.com/ 0
237 B 74ms
73ms Image
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=N3H9PYDsZn7u&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&viaSrc=canonical
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 19 Jul 2023 20:50:38 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-pinterest-rid: 9385899634694523
content-length: 0
x-served-by: cache-fra-etou8220073-FRA
pragma: no-cache
server: envoy
x-timer: S1689799839.625161,VS0,VE31
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 4 B
302 B 1104ms
1103ms XHR
text/html 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php?action=show_optin_async&post_id=22&_=1689799837609

Requested by

Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

dba5166ad9db9ba648c1032ebbd34dcd0d085b50023b839ef5c68ca1db93a563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/contact-us/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.23
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 7e95d68089059274-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 main.js Show response
track.mypaleorecipe.com/js/ 3 KB
1 KB 48ms
47ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/main.js?v=1.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3824
cf-polished: origSize=4494
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 09 Nov 2021 03:31:21 GMT
server: cloudflare
etag: W/"118e-5d052be46686b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccieCMvNFL0LZTHdaKTEghRL3pHFt1DCxkuwE94JBVCVXn7EkwWgOu73owRJr2FXiML1BfSS4YB3t4Db%2B1K3QKdhi9F1dncGrpBUOh2It%2FWetxFWfuTp8VNmj1ya%2BQR5hjo5tTmGoDmBu7N1plApOCYXdO20ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e95d680b9de1e5c-FRA

GET
H2 200 / Show response
beacon-v2.helpscout.net/ 458 B
751 B 148ms
42ms Script
application/javascript 13.224.132.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.132.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-132-90.lhr3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 977da30a8da124325b245a1d67aa0c68d9b21df6f731350d9b3ab61a879350c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:48:57 GMT
content-encoding: gzip
via: 1.1 07b994ddf00f39c9e5b18a963a695fd4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C2
age: 101
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 327
last-modified: Tue, 18 Jul 2023 09:35:39 GMT
server: AmazonS3
etag: "464a6f58e8a73a3dc276b1c4a64cf865"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120, s-maxage=120, public
accept-ranges: bytes
x-amz-cf-id: UxQFhFtNy0pp-B_wmVkpJuEEM83rCU4kB-Mc9JKe9wmMibM-3CBc5w==

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 6C22 565 B
400 B 72ms
71ms Document
text/html 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 19 Jul 2023 20:50:38 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 8881429868314239

GET
H3 200 createVisitor Show response
track.mypaleorecipe.com/api/ 9 B
714 B 674ms
629ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createVisitor
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 346d8e3ad2bb516e393fb20a70cedeb12adf52ea195bddd1e64f1aeff935d3b7

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7irqS2e9yImcqehPucP6pHmvFDNM7d%2FOits9ifOmpmPCv8wmxHBPMpi0tAC%2FeRDHvAqEf2%2BekOTQ2A0hFi7UZlbEFNBa8rzsSTbBIxCmQYOovDBNv5EGiRcwPaeyVcafUh7C%2FvG5SY9WBRH0DoSFLdy%2FxRCREw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 7e95d6817afebb35-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 129ms
128ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bc9b14802b6d61f16a9bd1820c6634000fae75d5a390a69f5521b1f186e95ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27554
x-xss-protection: 0
server: cafe
etag: 173 / 19557 / m202307130101 / config-hash: 1636169572614523722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 20:50:39 GMT

GET
H2 200 vendor.51111976.js Show response
beacon-v2.helpscout.net/static/js/ 63 KB
22 KB 50ms
49ms Script
application/javascript 13.224.132.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/vendor.51111976.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.132.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-132-90.lhr3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a69a0f8da52f401b953914ed46f36a66de2a61dfd54fe5f92b4d6585773c76a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 19:33:10 GMT
content-encoding: gzip
via: 1.1 07b994ddf00f39c9e5b18a963a695fd4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C2
age: 4650
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22209
last-modified: Thu, 06 Jul 2023 14:46:41 GMT
server: AmazonS3
etag: "341cb1fe5323fabbbb2b06b250159329"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 1q5-VGuS7paxrSRmnm_vYFQuPvmyaFIsLIs-iKfhSmFcxyhFdawmJA==

GET
H2 200 main.142cfcf4.js Show response
beacon-v2.helpscout.net/static/js/ 25 KB
10 KB 57ms
56ms Script
application/javascript 13.224.132.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/main.142cfcf4.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.132.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-132-90.lhr3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d906982254784c5b8534a00447f41450b873b1d6a7ca71885fba9f7ccf2d52bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 19:36:53 GMT
content-encoding: gzip
via: 1.1 07b994ddf00f39c9e5b18a963a695fd4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C2
age: 4427
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9711
last-modified: Tue, 18 Jul 2023 09:35:39 GMT
server: AmazonS3
etag: "f3c8bd6ac45bc3d8f66a3afb06980733"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: LUIjvGH_WYe64RY9EWkgu5QV6V6NyuKTqgEaOuzIU_Fe-n8aqHzffQ==

OPTIONS
H2 200 e98469a1-0233-40c9-b2f8-48d4622a650d
d3hb14vkzrxvla.cloudfront.net/v1/ Frame 0
0 257ms
143ms Preflight 18.66.188.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/e98469a1-0233-40c9-b2f8-48d4622a650d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.188.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-188-69.muc50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: beacon-device-id,correlationid,helpscout-origin,helpscout-release
Access-Control-Request-Method: GET
Origin: https://blog.paleohacks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-methods: GET
access-control-allow-origin: https://blog.paleohacks.com
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length: 0
date: Wed, 19 Jul 2023 20:50:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
via: 1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-id: 9PShAWsvvuYjFOuH-p05S7MElgnZGV7y9z0HhNVb9WY3N9nHhLyAGg==
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-limit-general-minute: 60
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-remaining-general-minute: 60
x-ratelimit-remaining-identify-hour: 25

GET
H2 200 e98469a1-0233-40c9-b2f8-48d4622a650d Show response
d3hb14vkzrxvla.cloudfront.net/v1/ 6 KB
7 KB 202ms
202ms XHR
application/json 18.66.188.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/e98469a1-0233-40c9-b2f8-48d4622a650d

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/static/js/vendor.51111976.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.188.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-188-69.muc50.r.cloudfront.net

Software

Resource Hash

48df57e7d19711e52ea797ee1a0605cbe4b6972042545f59216ad04974a6a103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

correlationId: 86fa96b3-c19b-47a9-9a86-771d60ada995
Helpscout-Release: 2.2.104
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Accept: application/json, text/plain, */*
Beacon-Device-ID: 7cd172ab-ded6-4190-8050-586dcc9c0028
Referer: https://blog.paleohacks.com/
Helpscout-Origin: Beacon-Embed

Response headers

date: Wed, 19 Jul 2023 20:50:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
x-ratelimit-remaining-identify-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
vary: Origin,Access-Control-Request-Method
content-type: application/json
access-control-allow-origin: https://blog.paleohacks.com
x-ratelimit-remaining-general-minute: 60
access-control-expose-headers: Resource-ID
cache-control: max-age=300
access-control-allow-credentials: true
x-ratelimit-remaining-attachments-hour: 10
x-amz-cf-id: SShbQ0GtZMcHWpDtvhJYW72KAxHMtkOxh9mPCJfE5pfDdl0ETgfWNA==
x-ratelimit-limit-chat-tokens-hour: 25

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 152ms
151ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56ae42d0c397a6e30fe68d290544dc4403525b0f84bd7fc05daaabae856cd92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27589
x-xss-protection: 0
server: cafe
etag: 899 / 19557 / 31076241 / config-hash: 1636169572614523722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 20:50:39 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

766ae75d31bd669a0918b3b000893a0ede112fc353f188a2385b9b888ff106d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27574
x-xss-protection: 0
server: cafe
etag: 588 / 19557 / 31076191 / config-hash: 1636169572614523722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 20:50:39 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 142ms
142ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fdac48b9f68485c5d80454f135523e538a3cfc8518bfa19dad5eda287203a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27550
x-xss-protection: 0
server: cafe
etag: 219 / 19557 / m202307130101 / config-hash: 1636169572614523722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 20:50:39 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 21 B
221 B 530ms
177ms XHR
application/json 104.237.62.211
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.211 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: hosted-by.racknerd.com
Software: nginx/1.25.1 /
Resource Hash: 8fc15a92e4e7c6cf01d7e052a3fdc141b0ac780dc447a3e64a08156226b1b362

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 19 Jul 2023 20:50:40 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 21
Vary: Origin
Content-Type: application/json

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 139ms
51ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 119 KB
34 KB 1707ms
1707ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2353631156336106&correlator=95843760697993&eid=31072019&output=ldjh&gdfp_req=1&vrg=202304050101&ptt=17&impl=fifs&iu_parts=55892584%2CPH300x2502%2Cdesktopfooter%2Cph_widebanner%2Csitefooterbanner%2CPaleohacksSidebarBanner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x250%2C728x90%2C970x250%7C728x90%2C970x250%7C728x90%2C300x250%7C300x600&ifi=1&adks=79842087%2C2912191614%2C3129430941%2C2355259855%2C698452367&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1689799839651&lmt=1689763205&dlt=1689799836996&idt=568&adxs=-9%2C0%2C-9%2C-9%2C-9&adys=-9%2C1110%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&frm=20&vis=1&psz=0x-1%7C728x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C728x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C516%2C2%2C2%2C2&ohw=0%2C1600%2C0%2C0%2C0&ga_vid=221760506.1689799838&ga_sid=1689799840&ga_hid=781708415&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef8aa869fc625fecb5d34741f668243bd711f17935395b3aa86afd3a39e1bf0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34531
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 181ms
93ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1b08cc33f61379c0f55720697db90b8eaedd6a95e4f9c1ba4e505b2606f2ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11937
x-xss-protection: 0

GET
H2 200 container.html Show response
fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F3F0 6 KB
3 KB 160ms
48ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 20:50:39 GMT
expires: Thu, 18 Jul 2024 20:50:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 464ms
115ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 20:50:40 GMT

GET
H3 200 createActivityLog Show response
track.mypaleorecipe.com/api/ 8 B
611 B 232ms
232ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createActivityLog?visitor_id=155665224&activity_type_id=1&fbp=fb.1.1689799837549.539459098&fbc=undefined&ga=GA1.2.221760506.1689799838&client_ip_address=80.255.7.103&client_user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/115.0.5790.98%20Safari/537.36&full_url=https%3A%2F%2Fblog.paleohacks.com%2Fcontact-us%2F&utm_source=0&utm_medium=0&utm_campaign=0&utm_content=0&utm_term=0
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 9780156160233045c4a72385f1b787a53d51deb520eb8f72010d7db92d82b4d0

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReTuaMRjeF0xLngSuWF6vbCVAlC%2BZbmAV16VWq5K%2B%2BIg6s6GRVOlhLaQCgHcNguoSwAdfY1F6AttRUmIofaZBYYugCZgmbgETPXgFiV%2BHMGGj235vUPkouoVgD2VFp3blpuGywMUxwGjzwVKoqtV4Sm1lHguoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 7e95d688cc01bb35-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DD50 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6748
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 18:58:12 GMT
expires: Thu, 18 Jul 2024 18:58:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 435F 783 B
951 B 51ms
50ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce59d61dafa78070b3370d353a810e7d8843f65a1fa340452f768dd5a275f876

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xq362hVrM6yi56pdo223Cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-xq362hVrM6yi56pdo223Cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 20:50:40 GMT
expires: Wed, 19 Jul 2023 20:50:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame DD50 37 KB
14 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 13:53:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jul 2024 13:53:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 435F 0
0 143ms
73ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304050101&jk=2353631156336106&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DD50 0
10 B 43ms
43ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nrhOgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304050101&jk=2353631156336106&bg=!jo2ljdnNAAa3SiIRl0o7ADkAdvg8WryH2ZfI4i7GMsx6g-uvOMzcg3lkJIk3kDS6PCyMA3-72MJCMarh4En2M3VEyxqRo0hwKJYCAAAAXVIAAAAIaAEHmQKxI-ve0lwRV9L2wOqOYfuOf4e_g7O4NcZKQ-ss5yMk4ex_Fjpz0lmOaSBPpxkRIKR7ivz2h_nlDnPx21OlSgUUqV9rcX8dsDwrIIT6tGxzSalM4VY2sjG8F2SqLiB7KlKKn6S8ZOFDr3N89-jiUpC2_xLLhjD8FNvIRAbkNcC173ZtW2KWPV8lyseaLNl3Jo3xMkhLkmffpg4cmipQHDODRpjVouldwV3nZBnoWdcFIXl6xYRKehM8QyUArNdO65hVeUuSIG9nLsU79BwB9ZKeeyBojXYkL8X-7pVWj4p23qWpUs_IioLVHQ7PR54iIGXVfjludE1QWqe-CL1JhLfDS1wfzSxVUNci4Ti8ab6LQEAWnzCtkNK5pcdyMsIzxJ2M3KgZgCEMIHDPiQe1K5mtai6_Nd87VWklZLryjMQg7g90SXtM5l23hhNhHOjslYLCJNPQ0Wm2mnWutMWtDj9ao7-DzYyqKjZFtH8iPeKhVkW0RBELcJ7U1-R4Q_Dx9yKGTeh5FcJlHYZFnId9OR5UUcRxSFhmU_sLpYIK1W1KPmchHKB9dojbK-XzUntY48t1h7XDf9ROVsNmwFywopvc_1Av58u-TDXDruUpf_LDQc0SBTEN1-4cFs4nCiozoyfwTbTYQ4XYdCy-GzkMQOeArgg1Bvcx2CGIyn3_mG4unc2LI8C-CTjyQLFB1_QJnQ6QRAnrhktiJvakBdHiCPTkxSBcRHF0bNMov_DqtMuPFcRxBmeUK_Qu-6R4tkNUufrdMCC7Xa1nvSo-82SFJ3JxkQt7mGujl6nIGm-352oHiICV-te2YFur-K6LLLj7FlEBmgZWfC178b8WiSVnC4ob-BZ7FH7KKaE4n5whk9yi6PirxkRyDjg8mUlUiB6JO6-teoTnzi8AH4JS-kswU4GRQkA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 container.html Show response
fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A2A6 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 20:50:39 GMT
expires: Thu, 18 Jul 2024 20:50:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 44EF 624 B
307 B 81ms
80ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNW3Hh2886o7Q4-DZ3YbsDjOENM_g_dHEVkwD2VSwltpLR6EDN8-Rtn6fMsgpU9Ba6pW6Cx6K1Ur3li-tBJJ4SBqUznsjcWY9jFvYmJOll8naFP02sUucqatq_tq2CIEdnZo3fi_ha1eagGu0YaHKNvqpqylB8Miee7klA6Td79MeckWp2Y

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 20:50:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A2A6 85 KB
29 KB 123ms
123ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 20:50:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A2A6 42 B
63 B 74ms
73ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C4t603J0Dl-bCQ-8FLrY5aBui1Ghk3vK1jJKhCLo5B3AJ7cOVKyyD8UXkM9LP4iHhjLsHBFI9CIxnu9-OXmAJTQ_1t85Zx_T2n7WKD9YTL9gG9fZg

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A2A6 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10085145228626964749&x=1&ct=76

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame A2A6 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/window_focus_fy2021.js

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 16:17:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 16:17:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame A2A6 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 14:19:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A2A6 0
0 48ms
47ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6YWhUXB3Cg12DfBk2iYla6OmydzY57BVhpSiXZHcGnxct4IWfMBItaNkezSYPfi3Z2ewfOsmElDOs3GcdxD0R7ZZoiA
Requested by: Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A2A6 179 KB
56 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 20:50:41 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 44EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO92M6AwAlurh9k1hIqnfCo&google_cver=1

43 B
766 B

76ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO92M6AwAlurh9k1hIqnfCo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNW3Hh2886o7Q4-DZ3YbsDjOENM_g_dHEVkwD2VSwltpLR6EDN8-Rtn6fMsgpU9Ba6pW6Cx6K1Ur3li-tBJJ4SBqUznsjcWY9jFvYmJOll8naFP02sUucqatq_tq2CIEdnZo3fi_ha1eagGu0YaHKNvqpqylB8Miee7klA6Td79MeckWp2Y
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 20:50:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO92M6AwAlurh9k1hIqnfCo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 44EF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLhModCJ6AmXwwj5R5MIxgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO92M6AwAlurh9k1hIqnfCo&google_cver=1

43 B
766 B

44ms
42ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO92M6AwAlurh9k1hIqnfCo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNW3Hh2886o7Q4-DZ3YbsDjOENM_g_dHEVkwD2VSwltpLR6EDN8-Rtn6fMsgpU9Ba6pW6Cx6K1Ur3li-tBJJ4SBqUznsjcWY9jFvYmJOll8naFP02sUucqatq_tq2CIEdnZo3fi_ha1eagGu0YaHKNvqpqylB8Miee7klA6Td79MeckWp2Y
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 20:50:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO92M6AwAlurh9k1hIqnfCo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 44EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHEheDfmBaQyeq8z1tFhNmg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHEheDfmBaQyeq8z1tFhNmg%26google_cver%3D1

43 B
894 B

51ms
50ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHEheDfmBaQyeq8z1tFhNmg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNW3Hh2886o7Q4-DZ3YbsDjOENM_g_dHEVkwD2VSwltpLR6EDN8-Rtn6fMsgpU9Ba6pW6Cx6K1Ur3li-tBJJ4SBqUznsjcWY9jFvYmJOll8naFP02sUucqatq_tq2CIEdnZo3fi_ha1eagGu0YaHKNvqpqylB8Miee7klA6Td79MeckWp2Y

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:41 GMT
an-x-request-uuid: f077b563-3f0c-41c1-a68d-a251684ab162
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.103; 80.255.7.103; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:41 GMT
an-x-request-uuid: 6d0e783d-24a1-4bc5-adb7-f3f56cc1289a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHEheDfmBaQyeq8z1tFhNmg%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.103; 80.255.7.103; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44EF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc1OTUxMzkyMjE3NDg5MjU1OQ%3D%3D

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc1OTUxMzkyMjE3NDg5MjU1OQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:41 GMT
an-x-request-uuid: 072b5a9e-adb5-4fbe-b419-63b68e827ee6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc1OTUxMzkyMjE3NDg5MjU1OQ%3D%3D
x-proxy-origin: 80.255.7.103; 80.255.7.103; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A2A6 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7768427957143&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A2A6 0
20 B 75ms
74ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7768427957143&version=m202306200101&ct=76&x=1&cor=10085145228626964000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A2A6 101 KB
38 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APqFWTSESclT6_qW0z9uLUX8JtVl2tt2U0T1bnHL2w6ORGap4Cnu5RIkmoeTGXQqFjlzrjtFWAgmsuAV6dgujPn-wSMxILu3fCvWzfa50VYuV81eiTHatR-YD14kvjLwVVqobb833OExiiLr2euRXLNibXYGvdrRIuoOeKHLmKh_jdRy4&dbm_d=AKAmf-Co9FlgilYNE5pvP7852ncXMx3hgIyKwTQ7Hb0o-BXYip2St8XAUPgn6uCfcj_il_LKl8M60nZDqsRYGtpUVFMSJUNhGHcTHQqpAlVqidpwMAe_puo58sLTGvw_fvbh_hQoaCeyyxM6gfXpc6hwX1YwAAlv0GKolMc0onW8QJ-MmyzKaXM0OWrrbs1jAXLpVRb6d4aY3y_-h9hxsiTjh_FNH8BQpz61Exdu2L0E2JaTc5vCDzecU3Xla8abeNSdDEZ-aPvBAnK4nUhe0HzpzHSQj5Q89wA49zvJAvSHWtqd1ozV0e0B2t-QFGcwGy0X0s2MuF51jD1VxvgoL22zsQVl-2UFjz2fT8uul5xnsHOG9-EIcLinMeoy73QJP0rygleK_WFT3h4m8UNIddwQEZSP01TOKpDCab2Jv3u49MftW-I5366tQg3AKljShgzdG-WbFeX4DoAGcl8bjxNf50SDRtUmaqLsqQM_AqRefuy34yjEAsXi6RS2ycZhhbNcho0gje8YpfwKdefokWcy1jeK08-L8_OYkFl5sibldXHbszUG7MuRQLfWEwkHgYos2JlsyGzLdbh33yrJ8LPgRFmRFFWLb8Awl1ZDYVQAxKNTAu0vUKeu2O8Ve2-CMuXdOd4CmBoNxWcxy032dTa6UGBErJBmvc0baFfGUPOvLL9bDZrJ7M2A8SFAzwzCAl8AJR3RnpJbYXWPTTP_AhssJCJZznRFGnlV0TqSlCs4_6WwCGcGBPWFSjtoPFFv803NA2cY0C-a84Qkb3HM48cmWWhbNtwFOUoK7bFKeGA1mJVYITES5VUUeRJU4So8nj6oTtGESoDM_LUkq8AuMNvL8MWUM8ivrfzjNe4-5hsDe17cdvw7d6fs0R_YADtwg1UiEh3XGElqf4Rgi_z7m9lOFPjuvtyMPMmhQK9-r3p-kSi-BJXdvKVzSctRMRf8DPJGk8zJekauoAf3Hy3lCD612VX8ns-n6gmpIAI-RFkPvxcPCIFTzv1HPG_j_JvwgzfLIiPocK3v8--CWjgDzv8Mt8rLY8NgGrCpCxv7Q055Pe-DJP94laibI3sroeVeVK1bc6_sZTDdaoqaAX3otRmOOx8vi_kdzv6pug1q5S1fvY7buj6Brfl9poDLPJmOs5Fyi-phWG1MIm8VKG6ZYkt46wqcEMJgLV_x12U1qUGOzsRS9m3pzuYRZM-DRL2Xz-xKCtCj9NMhpaI17o6z8IcgTv4fwmzQLqkv43uz9ppMBRSmsH-iThCK46w8VH0O3H0uCN6CCoMirSvx-2uiJI3Kn0o01VNb0XkDRwlfHPcOHiC-pVfTe0Ok2xUqUsuXGjDSI_WWRyCOwnv4D6NhVBjqd2PytMGZKSylgZM_mWi5p01c0lfYiqGMYttpIIGkUX8E35FTxUIeOH_SfNAbfbbXBwoWyRT6ZqmVk5FBggjvry8eS2SpTOQxacggbrW-kBDgj2_rxD6Tf5VfWDHpNdETno93t6xpFZfR2D26ElHaF_Iy8PcLmdrOQPtiD9fikMOPEUX9sGEIcMyNPgpmScj4LyD6p-lIeGODLbcP8nAqZgm3-P3fh0Cnva8W_3Nfhvt4sUuq3O5MkXCnUlrjxux-ZTW8Yzfk_dUH1FzVWeCWX3JO81BqwHhqDL-OKT2xLHEejXNTgqREV99mO0532fMZp-z573IXPEpAwBU3noCeEgUzaVafUI2y2Hq6-XCVEogy9D6NqEhMLKTxHuUG8nTkTR5zYpZwQxx4texK5dzpINh20VsDmpah6Ym5aDlb5GlGWE40LXHJlDMk623ni8ZhZg-3QqMe-5t91BYdX3Yx1dvDxq4BzBRmBQ1tEOpMJJ-B0THlyt1SWJVt13a7Q3-hlkF8pK162zf6w3vyLA_785dkhWt5kqXhWmsvVYVt3s9kdzBSzPoDv0SNpni3Hy-jUd_gmy4Jhm3W0sESc93naEcWCUOhfnG-rE46PnngALiLZNLjePJ9j0orcDLKyQ-hEqGJlpFSvnrStoc6KXz1OTh30hFYii8qGBynaYT8h1pzGpkESl2ujGV7-ZQyxwsiFbiwKAt55DvZ-FfgZlOWYbRUhsvmrsVtJoobaBbQvDXbmWSpfO4UyLbFJ48-FX3MvBX-3Q2dlGnWieFBRJ5ssxUdj4DM8J5SOm6oydF811Xc0P4l2GOnDSSc1PlXK5WJ04WiUNSgdKz8jVNU8QB73ppvYyTlP6aGGdOcIGi1rDqBmhVcuCHrfPvxpVumbbudk1i8ihqOBVtHhtPvFUiU8Km3-z65uBLpuLWMHGjSRwOTXpBBbAcptmh87b2_tW0xcSEPbmdsypBo9CzhDmxJCQyngI4pVSI4SLHjtvlRMdHcZhWw6aSU6blwkxGMftZLj_M38G3_tId4ALO2HJnZj0N9AJESNjz_ep7UMC_LTSnkTohIs_OuByEefgUHq5JSloUPpRcyCNLSjN_v6Gg1lHMCNpRgqhzXf5XcyJNoXf1coaebVqNcyJFeZiDQ2qPZDKCHkymZMXOBWIXIbrmvfp31Nlqlu_zw_NbO21r797676OPXfLU5stPJZLTHoJESrZvRPcIXayLovkt6ofnvMkSZW-SUxTTcS1RwIm6wmWEU1vjgnH0OqM4L7s5GWdcLybxRO2RVUJCfvFawCEu6tGT6La_k6cjyivXhsmoJHDK0LlHKlGCKbKzglbJlWbuhljotqFHX9l0-Znzo8lbhYY5ZAXuZUjHaZak2EzcE0mj9GAwN4avYNGD3Ley2u7FcyCl8Ue-8PD0IEtr9nznJuIBWDS_CDPC4iFiECUbgTIkbpBIoIYENJ_4g-Xtmyygq5mwzQ1n_v4aTbQAhBu2n46g1vcuJs7SIdZue1P2uFRbIVSenQ7V73F6sEeAUadGzLXv6IXp7f2MD3AHQOe6X0JR9rdom9HbROAPvJsPDMpTnVk17lRB5qmk0Gyxf43wY6ESgUe1_BryrfHmnDUQ_owL_YtzGXo0iUrmDhGwt8gpeoAi7SD89ukY_rd2jV-YcEgu0lxjE25XvWTpT-87EnFeqXvYHQcycRgrvz9Gmx7hCyFigSEBLughLrZGQpakAR2XekRJSabrQBQgd5_siM4ne0sIA6Qg4BU6GXXIlWpGc3fzRPGn6eUV0lwVLH1zaCsiCjrvZh0VqMcMr_nNSYapcPioq6zvoUaitzOQl5gH1SHA0-4l8MvHxkOANAlmQ6XqUGyDe7vJ1w4ZlixfqywJpwDl66G8FzRqdtieY0FitsHuR78uCzO0WFH2JAJbM5dbiWyjI3RYaN8hcrZxoWEGkQO-io_3Zy3Y19owOYmL-cO8rBik9oo28yz3BjkBqkOyowJ_KP6ZoZiG73uDj26r6iOSvwOoRgCcwwhtQTVPwFmq7UAxq60tcXOwMtPe1HK2D8QnxUofirEIkT3EdRW5YQHdzlhZ-gzqNDh1oePOWhk_FzCbuAyWZX1tjAba23GUgYDRyG85kHno9sphzg-L01EEyNycC4rcBQxTcOX1FM4cbbOcP&cid=CAQSPABpAlJW7A0XedimL1_1FLVhj0bp4zHEwwdzUPanqwBErPc53ZlGo5oc_WIOmy7lvMhTz5SIZ7Wm5ZOinBgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fblog.paleohacks.com%2F&ds=l&xdt=1&iif=1&cor=10085145228626964000&adk=2228999115&idt=137&cac=0&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd0ca68e81ff1bab8be9add7a258d92b20e6aff9dc841cf21339ff405b002e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38654
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A2A6 172 KB
61 KB 151ms
39ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
Origin: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 19:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 19:02:43 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230718/r20110914/elements/html/ Frame A2A6 11 KB
4 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230718/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APqFWTSESclT6_qW0z9uLUX8JtVl2tt2U0T1bnHL2w6ORGap4Cnu5RIkmoeTGXQqFjlzrjtFWAgmsuAV6dgujPn-wSMxILu3fCvWzfa50VYuV81eiTHatR-YD14kvjLwVVqobb833OExiiLr2euRXLNibXYGvdrRIuoOeKHLmKh_jdRy4&dbm_d=AKAmf-Co9FlgilYNE5pvP7852ncXMx3hgIyKwTQ7Hb0o-BXYip2St8XAUPgn6uCfcj_il_LKl8M60nZDqsRYGtpUVFMSJUNhGHcTHQqpAlVqidpwMAe_puo58sLTGvw_fvbh_hQoaCeyyxM6gfXpc6hwX1YwAAlv0GKolMc0onW8QJ-MmyzKaXM0OWrrbs1jAXLpVRb6d4aY3y_-h9hxsiTjh_FNH8BQpz61Exdu2L0E2JaTc5vCDzecU3Xla8abeNSdDEZ-aPvBAnK4nUhe0HzpzHSQj5Q89wA49zvJAvSHWtqd1ozV0e0B2t-QFGcwGy0X0s2MuF51jD1VxvgoL22zsQVl-2UFjz2fT8uul5xnsHOG9-EIcLinMeoy73QJP0rygleK_WFT3h4m8UNIddwQEZSP01TOKpDCab2Jv3u49MftW-I5366tQg3AKljShgzdG-WbFeX4DoAGcl8bjxNf50SDRtUmaqLsqQM_AqRefuy34yjEAsXi6RS2ycZhhbNcho0gje8YpfwKdefokWcy1jeK08-L8_OYkFl5sibldXHbszUG7MuRQLfWEwkHgYos2JlsyGzLdbh33yrJ8LPgRFmRFFWLb8Awl1ZDYVQAxKNTAu0vUKeu2O8Ve2-CMuXdOd4CmBoNxWcxy032dTa6UGBErJBmvc0baFfGUPOvLL9bDZrJ7M2A8SFAzwzCAl8AJR3RnpJbYXWPTTP_AhssJCJZznRFGnlV0TqSlCs4_6WwCGcGBPWFSjtoPFFv803NA2cY0C-a84Qkb3HM48cmWWhbNtwFOUoK7bFKeGA1mJVYITES5VUUeRJU4So8nj6oTtGESoDM_LUkq8AuMNvL8MWUM8ivrfzjNe4-5hsDe17cdvw7d6fs0R_YADtwg1UiEh3XGElqf4Rgi_z7m9lOFPjuvtyMPMmhQK9-r3p-kSi-BJXdvKVzSctRMRf8DPJGk8zJekauoAf3Hy3lCD612VX8ns-n6gmpIAI-RFkPvxcPCIFTzv1HPG_j_JvwgzfLIiPocK3v8--CWjgDzv8Mt8rLY8NgGrCpCxv7Q055Pe-DJP94laibI3sroeVeVK1bc6_sZTDdaoqaAX3otRmOOx8vi_kdzv6pug1q5S1fvY7buj6Brfl9poDLPJmOs5Fyi-phWG1MIm8VKG6ZYkt46wqcEMJgLV_x12U1qUGOzsRS9m3pzuYRZM-DRL2Xz-xKCtCj9NMhpaI17o6z8IcgTv4fwmzQLqkv43uz9ppMBRSmsH-iThCK46w8VH0O3H0uCN6CCoMirSvx-2uiJI3Kn0o01VNb0XkDRwlfHPcOHiC-pVfTe0Ok2xUqUsuXGjDSI_WWRyCOwnv4D6NhVBjqd2PytMGZKSylgZM_mWi5p01c0lfYiqGMYttpIIGkUX8E35FTxUIeOH_SfNAbfbbXBwoWyRT6ZqmVk5FBggjvry8eS2SpTOQxacggbrW-kBDgj2_rxD6Tf5VfWDHpNdETno93t6xpFZfR2D26ElHaF_Iy8PcLmdrOQPtiD9fikMOPEUX9sGEIcMyNPgpmScj4LyD6p-lIeGODLbcP8nAqZgm3-P3fh0Cnva8W_3Nfhvt4sUuq3O5MkXCnUlrjxux-ZTW8Yzfk_dUH1FzVWeCWX3JO81BqwHhqDL-OKT2xLHEejXNTgqREV99mO0532fMZp-z573IXPEpAwBU3noCeEgUzaVafUI2y2Hq6-XCVEogy9D6NqEhMLKTxHuUG8nTkTR5zYpZwQxx4texK5dzpINh20VsDmpah6Ym5aDlb5GlGWE40LXHJlDMk623ni8ZhZg-3QqMe-5t91BYdX3Yx1dvDxq4BzBRmBQ1tEOpMJJ-B0THlyt1SWJVt13a7Q3-hlkF8pK162zf6w3vyLA_785dkhWt5kqXhWmsvVYVt3s9kdzBSzPoDv0SNpni3Hy-jUd_gmy4Jhm3W0sESc93naEcWCUOhfnG-rE46PnngALiLZNLjePJ9j0orcDLKyQ-hEqGJlpFSvnrStoc6KXz1OTh30hFYii8qGBynaYT8h1pzGpkESl2ujGV7-ZQyxwsiFbiwKAt55DvZ-FfgZlOWYbRUhsvmrsVtJoobaBbQvDXbmWSpfO4UyLbFJ48-FX3MvBX-3Q2dlGnWieFBRJ5ssxUdj4DM8J5SOm6oydF811Xc0P4l2GOnDSSc1PlXK5WJ04WiUNSgdKz8jVNU8QB73ppvYyTlP6aGGdOcIGi1rDqBmhVcuCHrfPvxpVumbbudk1i8ihqOBVtHhtPvFUiU8Km3-z65uBLpuLWMHGjSRwOTXpBBbAcptmh87b2_tW0xcSEPbmdsypBo9CzhDmxJCQyngI4pVSI4SLHjtvlRMdHcZhWw6aSU6blwkxGMftZLj_M38G3_tId4ALO2HJnZj0N9AJESNjz_ep7UMC_LTSnkTohIs_OuByEefgUHq5JSloUPpRcyCNLSjN_v6Gg1lHMCNpRgqhzXf5XcyJNoXf1coaebVqNcyJFeZiDQ2qPZDKCHkymZMXOBWIXIbrmvfp31Nlqlu_zw_NbO21r797676OPXfLU5stPJZLTHoJESrZvRPcIXayLovkt6ofnvMkSZW-SUxTTcS1RwIm6wmWEU1vjgnH0OqM4L7s5GWdcLybxRO2RVUJCfvFawCEu6tGT6La_k6cjyivXhsmoJHDK0LlHKlGCKbKzglbJlWbuhljotqFHX9l0-Znzo8lbhYY5ZAXuZUjHaZak2EzcE0mj9GAwN4avYNGD3Ley2u7FcyCl8Ue-8PD0IEtr9nznJuIBWDS_CDPC4iFiECUbgTIkbpBIoIYENJ_4g-Xtmyygq5mwzQ1n_v4aTbQAhBu2n46g1vcuJs7SIdZue1P2uFRbIVSenQ7V73F6sEeAUadGzLXv6IXp7f2MD3AHQOe6X0JR9rdom9HbROAPvJsPDMpTnVk17lRB5qmk0Gyxf43wY6ESgUe1_BryrfHmnDUQ_owL_YtzGXo0iUrmDhGwt8gpeoAi7SD89ukY_rd2jV-YcEgu0lxjE25XvWTpT-87EnFeqXvYHQcycRgrvz9Gmx7hCyFigSEBLughLrZGQpakAR2XekRJSabrQBQgd5_siM4ne0sIA6Qg4BU6GXXIlWpGc3fzRPGn6eUV0lwVLH1zaCsiCjrvZh0VqMcMr_nNSYapcPioq6zvoUaitzOQl5gH1SHA0-4l8MvHxkOANAlmQ6XqUGyDe7vJ1w4ZlixfqywJpwDl66G8FzRqdtieY0FitsHuR78uCzO0WFH2JAJbM5dbiWyjI3RYaN8hcrZxoWEGkQO-io_3Zy3Y19owOYmL-cO8rBik9oo28yz3BjkBqkOyowJ_KP6ZoZiG73uDj26r6iOSvwOoRgCcwwhtQTVPwFmq7UAxq60tcXOwMtPe1HK2D8QnxUofirEIkT3EdRW5YQHdzlhZ-gzqNDh1oePOWhk_FzCbuAyWZX1tjAba23GUgYDRyG85kHno9sphzg-L01EEyNycC4rcBQxTcOX1FM4cbbOcP&cid=CAQSPABpAlJW7A0XedimL1_1FLVhj0bp4zHEwwdzUPanqwBErPc53ZlGo5oc_WIOmy7lvMhTz5SIZ7Wm5ZOinBgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fblog.paleohacks.com%2F&ds=l&xdt=1&iif=1&cor=10085145228626964000&adk=2228999115&idt=137&cac=0&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 14:38:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230718/r20110914/ Frame A2A6 30 KB
11 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230718/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11528
x-xss-protection: 0
server: cafe
etag: 1206305422853166885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 14:38:04 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A2A6 41 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 17:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 17:29:26 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CBBF 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 12:04:14 GMT
etag: 48472445140208031
expires: Thu, 20 Jul 2023 12:04:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A2A6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a88d91cf92eb6234c20e22f94fd80207b737dcadc964054af28096b75e9914e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 80CA 22 KB
8 KB 41ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 121793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 11:00:48 GMT
expires: Wed, 17 Jul 2024 11:00:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame CBBF 0
104 B 168ms
81ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEL3T_aa6VXwZBZUZLw-q04g&google_cver=1&google_push=AaAOQGFlH6X8k5kAxuPosKcsBJfbg_gaxmeRb110e54BZDV38VC0oNkby5DoGd5bTIMJHpalAp-UFf5TFv0GF2gSRgDBbEQ-1y4sD7OlVoFs6_VMAmTFm5g5kO21gn31D4R0HNK3zPTvLKhTW-w
Requested by: Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBBF
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMDyiCcoq196_h9iEf8a-CI&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMDyiCcoq196_h9iEf8a-CI&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MDFPSzZ0RXIxUW1lODk1&google_gid=CAESEMDyiCcoq196_h9iEf8a-CI&google_cver=1&google_push=AaAOQGEf9pFL9zO7lEviXNeuGK7OH3KXpwoHzf_ylGjs97z...

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MDFPSzZ0RXIxUW1lODk1&google_gid=CAESEMDyiCcoq196_h9iEf8a-CI&google_cver=1&google_push=AaAOQGEf9pFL9zO7lEviXNeuGK7OH3KXpwoHzf_ylGjs97zuO5u1zHv3JMfT6lSmeSU0tEaLl0O-1p18kxyocYL6XUrzByWP3zOAelcasVQOc5IZgZz5qwDU0WPfsLTm-VCwWElZ3ZqC3m7GTrk

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 20:50:41 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-0d2a77f9c6d8820ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MDFPSzZ0RXIxUW1lODk1&google_gid=CAESEMDyiCcoq196_h9iEf8a-CI&google_cver=1&google_push=AaAOQGEf9pFL9zO7lEviXNeuGK7OH3KXpwoHzf_ylGjs97zuO5u1zHv3JMfT6lSmeSU0tEaLl0O-1p18kxyocYL6XUrzByWP3zOAelcasVQOc5IZgZz5qwDU0WPfsLTm-VCwWElZ3ZqC3m7GTrk
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBBF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJd1xiilQmjTgGgOG74fnY4&google_cver=1&google_push=AaAOQGGtnvPdgvvsoJHmmFMxSQ4yWG_9reK-PP6-CB-RFKZz3oVZ1ndGWighueWAcX6KL3xDqKd8yl7q_Yk6TDQq...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGtnvPdgvvsoJHmmFMxSQ4yWG_9reK-PP6-CB-RFKZz3oVZ1ndGWighueWAcX6KL3xDqKd8yl7q_Yk6TDQqhoxOJsABtySxFoMWmLhnTTyijyQafJ...

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGtnvPdgvvsoJHmmFMxSQ4yWG_9reK-PP6-CB-RFKZz3oVZ1ndGWighueWAcX6KL3xDqKd8yl7q_Yk6TDQqhoxOJsABtySxFoMWmLhnTTyijyQafJLo_hRmVcpxJ7VgZ7iuE36bWGKMmaA

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 19 Jul 2023 20:50:41 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x26 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGtnvPdgvvsoJHmmFMxSQ4yWG_9reK-PP6-CB-RFKZz3oVZ1ndGWighueWAcX6KL3xDqKd8yl7q_Yk6TDQqhoxOJsABtySxFoMWmLhnTTyijyQafJLo_hRmVcpxJ7VgZ7iuE36bWGKMmaA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 19 Jul 2023 20:50:40 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBBF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFs5q_stfJIJk5RGRT9Wbis&google_push=AaAOQGG714p7H2i8PoJo0-relndBEzFkuJw8rnq50pnq-MgbPoX71YZGO_...

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFs5q_stfJIJk5RGRT9Wbis&google_push=AaAOQGG714p7H2i8PoJo0-relndBEzFkuJw8rnq50pnq-MgbPoX71YZGO_2UkXcBNVSy4xieDpfzlTNmDDuZjbhk6cNxVQbZ2uS_w0lJb6-HWUw7yMqOordEwul88vIUWA-DPke5gNmwHBntvWo

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220090-FRA
pragma: no-cache
date: Wed, 19 Jul 2023 20:50:42 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1689799842.923801,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFs5q_stfJIJk5RGRT9Wbis&google_push=AaAOQGG714p7H2i8PoJo0-relndBEzFkuJw8rnq50pnq-MgbPoX71YZGO_2UkXcBNVSy4xieDpfzlTNmDDuZjbhk6cNxVQbZ2uS_w0lJb6-HWUw7yMqOordEwul88vIUWA-DPke5gNmwHBntvWo
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBBF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF-HnUUOL5DdnDwEx38wj-8&google_cver=1&google_push=AaAOQGGIn3JVxC1QUwEu9OyWGwa2cbzAeNFq9iZF9Mm4UC_j62bd9QbEuq_t-GbI_lYWO6yoIh_qEYrMvgxrm4GwOan4mt4...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGGIn3JVxC1QUwEu9OyWGwa2cbzAeNFq9iZF9Mm4UC_j62bd9QbEuq_t-GbI_lYWO6yoIh_qEYrMvgxrm4GwOan4mt4hQmpOKSAwlX89dQcwdLRxWomJlhoaH_PV_nukP...

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGGIn3JVxC1QUwEu9OyWGwa2cbzAeNFq9iZF9Mm4UC_j62bd9QbEuq_t-GbI_lYWO6yoIh_qEYrMvgxrm4GwOan4mt4hQmpOKSAwlX89dQcwdLRxWomJlhoaH_PV_nukPNDM1-Yde54K1w&google_hm=eS1CNGQueXZoRTJwSFFuUUp4ckp0WXNTTnJMTGliSUxpYX5B

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 19 Jul 2023 20:50:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGGIn3JVxC1QUwEu9OyWGwa2cbzAeNFq9iZF9Mm4UC_j62bd9QbEuq_t-GbI_lYWO6yoIh_qEYrMvgxrm4GwOan4mt4hQmpOKSAwlX89dQcwdLRxWomJlhoaH_PV_nukPNDM1-Yde54K1w&google_hm=eS1CNGQueXZoRTJwSFFuUUp4ckp0WXNTTnJMTGliSUxpYX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBBF
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEG9OABlzphmEvrebzc-zmIA&google_cver=1&google_push=AaAOQGHNGk7jGCa1hUjw5MiR6Xn-kIy4i_5dng8yLbP9BRubE4DJeY2yMR9h2g8ScF-U9BL_8z3tIPUza7HcyDzvNB0Ro4u...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEG9OABlzphmEvrebzc-zmIA&google_cver=1&google_push=AaAOQGHNGk7jGCa1hUjw5MiR6Xn-kIy4i_5dng8yLbP9BRubE4DJeY2yMR9h2g8ScF-U9BL_8z3tIPUza7HcyDzvNB0Ro...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHNGk7jGCa1hUjw5MiR6Xn-kIy4i_5dng8yLbP9BRubE4DJeY2yMR9h2g8ScF-U9BL_8z3tIPUza7HcyDzvNB0Ro4u5uruFmKD...

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHNGk7jGCa1hUjw5MiR6Xn-kIy4i_5dng8yLbP9BRubE4DJeY2yMR9h2g8ScF-U9BL_8z3tIPUza7HcyDzvNB0Ro4u5uruFmKDBZB5WCS5S2ZmhkHSQiGjsEE2tckCUCYgVi2sNbb7VMA

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHNGk7jGCa1hUjw5MiR6Xn-kIy4i_5dng8yLbP9BRubE4DJeY2yMR9h2g8ScF-U9BL_8z3tIPUza7HcyDzvNB0Ro4u5uruFmKDBZB5WCS5S2ZmhkHSQiGjsEE2tckCUCYgVi2sNbb7VMA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame CBBF 43 B
363 B 167ms
49ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3D%25%25GOOGLE_PUSH%25%25&google_gid=CAESEEiZVuNApO6PCoSg8xZcANw&google_cver=1&google_push=AaAOQGGArk1Lw5qz9WBVXfMbrKBbz0pVwnTVNlOxK9EWzBNS0fmpi6wInPdiCtRNNcnm6AMlamB_tBVhpnKQGvFHWmD5OLOK56i5UEonxGF0IlwnH6lC4PghhEfEyNpKAIewndhNdhKdfTiuzeg

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:41 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 201909
expires: Wed, 19 Jul 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CBBF 0
12 B 49ms
48ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JQ2MSgqe9fbHejEBuQZp5lLiX_gCVfCC9ZJn8kNMG1-KI7IAp5qgmKzPTexoIQ5_zmPMvr

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 80CA 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 13:53:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jul 2024 13:53:16 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9180998392321354284/ Frame 6668 671 B
438 B 130ms
49ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ede5cfe5cd85ffdb96cb1fe0cfd5632a40fd4a5fb7f2ee2f4666c937a35e1611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 410
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 20:50:42 GMT
expires: Thu, 18 Jul 2024 20:50:42 GMT
last-modified: Mon, 10 Jul 2023 11:51:54 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A2A6 0
0 205ms
85ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrhS28-EHAvGzu3Gt20kYG0F3LHAcolKA60z51HSRL1XiuZc-0cPvNHvrp2f0pLSLzyP1ESCJXpVuJZeEnqR03CBxenNJgClTSDvmM9Iyso30BkCEp49pWaOa-0Y20nkcRN4l-EtrFM_svQE4CTK7oEZy4vN63oqUYxKwwAwKR4yUSeGIZC9sGrL9TbT2_ycFDbbzliFm_NibzoEbIFKeFs3O9FwrSaFnmrRssmcGmoCsKBq1pyWqSJSOVRZOM_Pgffk41fGaEPOOGtZg-JEPmgAy_8I0VddmbSdERGlhYzidkC9uhtubNEKMOzev9Sc8O95OnnTZk5brniMyJ8hmq1eVi93iT4b96Zio5oBcrtfPoT5k5eh6Y21qIIKwlRx2lRbIuZ3lZDioNNQ6JBvQg588U_F18bpEbFjg0RJ0h6eV5NHARtrjgXCRr_cq65XBvLaAmexoypgX5fpJQZSojOGBPMwohUvGX0zAgOKedJRCyKJmIIQ-EDiI1fYuenAro76twwJW-isa0lan13B68rr7jU1RRwkhtIpW1tmVEhD-9PTQLi5InUfPE93FnSDH4uLtpENs3uWbHdkRSgYQYXcCfl1IcTDXf8fkJONQxn_XzI5i08064WL9m2BCfE8vvAlEcdxEemxElKLZwEAjanIYcneG7LHwieIMvEWgy5vZD5y5rbE4hVjMpzMSJRNbRZ8QMECiw-GjPCzfiW3ymRvOjM9hqXU9scwayqJFCkJEnhGXtlArlmZ08vsOiSScjeZnvtcpB3luZBKsisRsrmbuDfE9gx3I4W5482f9Bh-t9JkSuvcME_S7rJi9Y3aRok-z_i5-ZJ4LgLDOxDvy-O50acjsIBLrrNp6ZOhns8I8ve3tRNIm9-tlbHaW26ri8Lcyr38MwtVkR6tu3ByXO0JywXb4K0dvzIElTXxQOV9o-ssYlGTCd1P1e-eiA9RYAnJ-iHl-PoYdY9uf0BFbbHpxGw26fPISozITjaezQC3uptpjckSnNt0H5t62p2wXmrnJ3bK8HeuO0b2aNTxLbPjCTX1-4iaINA-QriPrJYg_S2ahwpfYvjkREdURvP9urpUIEKtsfUDzipVY47ZlpzvbocPcuIlMYRfd4wP0n1TuFlH1xwcs-fX-d65C4DOsjXGdKyWgZpflMaikaXrJwdDxlZmWPkHjiJReMGp3dqdSfemIOObdC1QuQY-j-Snr8LRionIoNMW2wYY9kxpPLRgeUVGMIdBE4woLkR5x0ebNk1jM_B8Pxc3YgzBz_SI_012srShhFw3rX0M4ldoCPVAZu&sai=AMfl-YTC9G9SQNu9-4QyVfvxmWNy1JlIymFiFduoomKV4FujUV0KHaIGTtbcz-TOKs7YDdGOCjhtX5zxnlqzR_SFEjT-qYqAe5zoOYCZsqAdvdPo36tYGpe5NHvDgU7IJY6weW7J3Qw1WpT5jJZSvvVVC1-Y_MFPoR0zsyOPAfQTefoDZcHjccS5haw7kzATsPuBZ7nZTwEHPxpl9nEisicNefYaGKb1cWzkmGjDtUzti7qKmwBDGFxEn9DM93PvJgDLecj0650&sig=Cg0ArKJSzGbPmFA6ImN5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=245&cbvp=1&cstd=235&cisv=r20230718.39226&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Jul 2023 20:50:42 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 19 Jul 2023 20:50:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80CA 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlV6ooUy4ZJLBJrvqx_APs8WdwAcAAAAAOAHgBAI&bg=!bW6lbjrNAAa3SiIRl0o7ADkAdvg8WuzbrFmLPZUikSduuAwqUHdLch0hFF5ClAirn9QYs5mydDRUF37sQ97-HuMZUvL8AoiZSw0CAAAAaFIAAAAEaAEHmQLxzH3Sq4E0N8-u_rqH0OQ6epH8MNoiwPQJ0sUJoMPvmSs6T0etOKZoAZJs_ogLh8GhNvrLE_tZAbKAYVg34UF9us4Ih4WMm8vSJn84sG1N0WISpt6mz3pYn43R_Gpf3n0sdrjh5xYpZKcEZn6bu50ezbg8SHfLr7PG0BoCwuKGe5gPs6vr3i9jPHFCCUBl8Al9e_rAsVHJLU8KQ2K-tykUnCITMBzi_996sE5vq-0t3bj6UaEg1HEmsbq0jutBg2Fy3e6P86OXRhuOdZgNE2P-Obg5kEAacytqVtGqvq3fA3E6a6d_PtOOkEYRa3JQ-RR3TstW5bUeRqP4AT765MDZUwQxUzT6CoDY8eBgHjKM_FAm83WPk35ueJDQVvYIjBlXIYT_SRJPDI40kkTBfGw5kpYboRvPrOAShHazih1pYv5Cm7lMgelaCicTEaUF8ofSK7WpmSRFCoS0QrZ91ueKAVuP710B2TXtSy05N2MfCyqMfiFG7sr5Sp5xPshdo6NWG1OZW2FYNILgRebm65zPEhA0t7CZ2wEKlB08RhJLrS2A6Fnx431QHGDCQ4eWRuWXcXFFrOfb_PsPMf1LPhtIrF1a0NdTWwh-Z_Snk5lko_pOzZRELQnFy44EKXC5f9Z-uqUuubOJHaOhy3oHuskvNo7JzUoQ9D-1OGFLMZPT1Sn_4fw1Sny0KLiS8y6PnhW8-zoA-jGJ-F674Hc7YH2SaY13fYsmxUpnDalrK9sXhqO4YvppzbhaY_2IkBSfmLdtKweLyjqUGmEXxqFxbgGWozkKKaprPT9vrowDRkwTnPjqX8E9BV2VjMUD3edS_HWarBW9CMSlsPjF3fAzj3uz8PcLi9SPesljkOJVCp1uG9xRu4WjkNLFfSvXhKhRGmLhnKaujU54hhiUZZ7570-lfrhhhrZCxJE6mQe8Rt1wuyECrKilI1jZwXkHw9Ekuk_wwGZi0y-IQnE-qnW1kzXVuK72ZHX5vMXnK0svjPI_oK-k

Requested by

Host: fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
URL: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 6668 120 KB
41 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 13:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 13:53:03 GMT

GET
H3 200 template-43bf74fd.js Show response
s0.2mdn.net/sadbundle/9180998392321354284/ Frame 6668 40 KB
14 KB 59ms
59ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9180998392321354284/template-43bf74fd.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 11:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205085
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13999
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 11:51:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 11:52:37 GMT

GET
H3 200 index-09647504.css
s0.2mdn.net/sadbundle/9180998392321354284/ Frame 6668 4 KB
1 KB 43ms
42ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9180998392321354284/index-09647504.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 11:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205085
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1375
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 11:51:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 11:52:37 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A2A6 0
0 78ms
77ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrhS28-EHAvGzu3Gt20kYG0F3LHAcolKA60z51HSRL1XiuZc-0cPvNHvrp2f0pLSLzyP1ESCJXpVuJZeEnqR03CBxenNJgClTSDvmM9Iyso30BkCEp49pWaOa-0Y20nkcRN4l-EtrFM_svQE4CTK7oEZy4vN63oqUYxKwwAwKR4yUSeGIZC9sGrL9TbT2_ycFDbbzliFm_NibzoEbIFKeFs3O9FwrSaFnmrRssmcGmoCsKBq1pyWqSJSOVRZOM_Pgffk41fGaEPOOGtZg-JEPmgAy_8I0VddmbSdERGlhYzidkC9uhtubNEKMOzev9Sc8O95OnnTZk5brniMyJ8hmq1eVi93iT4b96Zio5oBcrtfPoT5k5eh6Y21qIIKwlRx2lRbIuZ3lZDioNNQ6JBvQg588U_F18bpEbFjg0RJ0h6eV5NHARtrjgXCRr_cq65XBvLaAmexoypgX5fpJQZSojOGBPMwohUvGX0zAgOKedJRCyKJmIIQ-EDiI1fYuenAro76twwJW-isa0lan13B68rr7jU1RRwkhtIpW1tmVEhD-9PTQLi5InUfPE93FnSDH4uLtpENs3uWbHdkRSgYQYXcCfl1IcTDXf8fkJONQxn_XzI5i08064WL9m2BCfE8vvAlEcdxEemxElKLZwEAjanIYcneG7LHwieIMvEWgy5vZD5y5rbE4hVjMpzMSJRNbRZ8QMECiw-GjPCzfiW3ymRvOjM9hqXU9scwayqJFCkJEnhGXtlArlmZ08vsOiSScjeZnvtcpB3luZBKsisRsrmbuDfE9gx3I4W5482f9Bh-t9JkSuvcME_S7rJi9Y3aRok-z_i5-ZJ4LgLDOxDvy-O50acjsIBLrrNp6ZOhns8I8ve3tRNIm9-tlbHaW26ri8Lcyr38MwtVkR6tu3ByXO0JywXb4K0dvzIElTXxQOV9o-ssYlGTCd1P1e-eiA9RYAnJ-iHl-PoYdY9uf0BFbbHpxGw26fPISozITjaezQC3uptpjckSnNt0H5t62p2wXmrnJ3bK8HeuO0b2aNTxLbPjCTX1-4iaINA-QriPrJYg_S2ahwpfYvjkREdURvP9urpUIEKtsfUDzipVY47ZlpzvbocPcuIlMYRfd4wP0n1TuFlH1xwcs-fX-d65C4DOsjXGdKyWgZpflMaikaXrJwdDxlZmWPkHjiJReMGp3dqdSfemIOObdC1QuQY-j-Snr8LRionIoNMW2wYY9kxpPLRgeUVGMIdBE4woLkR5x0ebNk1jM_B8Pxc3YgzBz_SI_012srShhFw3rX0M4ldoCPVAZu&sai=AMfl-YTC9G9SQNu9-4QyVfvxmWNy1JlIymFiFduoomKV4FujUV0KHaIGTtbcz-TOKs7YDdGOCjhtX5zxnlqzR_SFEjT-qYqAe5zoOYCZsqAdvdPo36tYGpe5NHvDgU7IJY6weW7J3Qw1WpT5jJZSvvVVC1-Y_MFPoR0zsyOPAfQTefoDZcHjccS5haw7kzATsPuBZ7nZTwEHPxpl9nEisicNefYaGKb1cWzkmGjDtUzti7qKmwBDGFxEn9DM93PvJgDLecj0650&sig=Cg0ArKJSzGbPmFA6ImN5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=474&vt=11&dtpt=229&dett=3&cstd=235&cisv=r20230718.39226&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/contact-us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Jul 2023 20:50:42 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6668 7 KB
6 KB 83ms
83ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d65165bc97cfd3ca4d71f2780b1daab90570a4b5b7c392854ab3d1b6a7adb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0

GET
H3 200 06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame 6668 28 KB
28 KB 45ms
44ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 17:24:56 GMT
x-content-type-options: nosniff
age: 12346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28774
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 17:24:56 GMT

GET
H3 200 annick_sitzend.png
s0.2mdn.net/4528404/ Frame 6668 2 MB
2 MB 53ms
52ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/annick_sitzend.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:00:01 GMT
x-content-type-options: nosniff
age: 46241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2539328
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 08:00:01 GMT

GET
H3 200 congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame 6668 4 KB
2 KB 44ms
43ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1929
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 13:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 20:13:13 GMT

GET
H3 200 logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 6668 5 KB
2 KB 53ms
52ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687521602712/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 08:00:00 GMT

GET
H3 200 cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 6668 2 KB
1 KB 52ms
51ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1134
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 07:30:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 08:00:00 GMT

GET
H3 200 congstar-stoerer_gb-plus_small.svg
s0.2mdn.net/4528404/1687525202075/ Frame 6668 2 KB
1000 B 51ms
50ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687525202075/congstar-stoerer_gb-plus_small.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 974
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 13:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 20:13:13 GMT

GET
H3 200 logo-d0d80991.svg
s0.2mdn.net/sadbundle/9180998392321354284/ Frame 6668 5 KB
2 KB 51ms
50ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9180998392321354284/logo-d0d80991.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98373
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 11:51:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jul 2024 17:31:09 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6668 17 KB
6 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 20:50:42 GMT

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 54D1 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 13:53:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jul 2024 13:53:16 GMT

GET
H3 200 InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 6668 14 KB
14 KB 45ms
44ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9180998392321354284/index-09647504.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index-09647504.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:45:59 GMT
x-content-type-options: nosniff
age: 283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14644
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jul 2023 21:00:59 GMT

GET
H3 200 InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 6668 28 KB
28 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9180998392321354284/index-09647504.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index-09647504.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:45:42 GMT
x-content-type-options: nosniff
age: 300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28596
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jul 2023 21:00:42 GMT

GET
H3 200 06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame 6668 28 KB
28 KB 40ms
39ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 17:24:56 GMT
x-content-type-options: nosniff
age: 12346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28774
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 17:24:56 GMT

GET
H3 200 annick_sitzend.png
s0.2mdn.net/4528404/ Frame 6668 2 MB
2 MB 41ms
40ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/annick_sitzend.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:00:01 GMT
x-content-type-options: nosniff
age: 46241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2539328
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 08:00:01 GMT

GET
H3 200 congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame 6668 4 KB
2 KB 41ms
41ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9180998392321354284/index.html?e=69&leftOffset=0&topOffset=0&c=EGEOarzuIp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 20:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1929
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 13:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 20:13:13 GMT

GET
H2 200 dc_oe=ChMI0pW1-tKbgAMVO_URCB2zYgd4EAAYACCq2oNdQhMIxezA-dKbgAMVgnnTCh2rAQgh;stragg=1;&timestamp=1689799842611;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame A2A6 42 B
401 B 198ms
75ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0pW1-tKbgAMVO_URCB2zYgd4EAAYACCq2oNdQhMIxezA-dKbgAMVgnnTCh2rAQgh;stragg=1;&timestamp=1689799842611;str=nextSlide;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI0pW1-tKbgAMVO_URCB2zYgd4EAAYACCq2oNdQhMIxezA-dKbgAMVgnnTCh2rAQgh;stragg=1;&timestamp=1689799842612;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame A2A6 42 B
107 B 198ms
76ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0pW1-tKbgAMVO_URCB2zYgd4EAAYACCq2oNdQhMIxezA-dKbgAMVgnnTCh2rAQgh;stragg=1;&timestamp=1689799842612;str=nextSlide;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
373 B 179ms
73ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1689799842618

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Wed, 19 Jul 2023 20:50:42 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 24
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A2A6 42 B
64 B 84ms
84ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssA-U1nQIqLhFs8OcwUTEKx5miFu1aLxlqLRLkIBSXes88dxHF7Hx2AaubcMOz1QU3W-2i5vUCJgamnMrjXMloCDDdZni9amLyBOquMtwYEccxEHMG5Z0Uz-tKAn9OXnF9nvVWWQp05H80p&sai=AMfl-YT7H4PyDBEBu2MBeEth7JYCyfLIHEzKaZOCAN---_H30tzvrN4fYxaZd_f7YPBxBQ9KOiQC2C1hq_V8lMCvFZ6RxuRygHv9SVZf9Lsq26Gcnko_hT7VPoiryv8W&sig=Cg0ArKJSzF4gGVvP2otbEAE&cid=CAQSPABpAlJW7A0XedimL1_1FLVhj0bp4zHEwwdzUPanqwBErPc53ZlGo5oc_WIOmy7lvMhTz5SIZ7Wm5ZOinBgB&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2912191614&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689799841386&rpt=384&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A2A6 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7768427957143&version=m202306200101&ct=76&x=1&cor=10085145228626964000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 20:50:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 90f1d619-be9a-4fa0-8e2c-f0f18a8501ff
URL: moz-extension://90f1d619-be9a-4fa0-8e2c-f0f18a8501ff/js/app.js

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Verdicts & Comments Add Verdict or Comment

225 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.paleohacks.com/contact-us	1969-12-31 23:59:59	Name: phvid Value: 155665224
links.paleohacks-mailing.com/	1970-01-20 13:24:03	Name: _session_id Value: 8acc28ff9f9ff8015270679852fe8071
.paleohacks.com/	1970-01-20 22:59:19	Name: _ga_QMKQQWEFHC Value: GS1.1.1689799837.1.0.1689799837.60.0.0
.paleohacks.com/	1970-01-20 15:32:55	Name: _fbp Value: fb.1.1689799837549.539459098
.paleohacks.com/	1970-01-20 22:59:19	Name: _ga Value: GA1.2.221760506.1689799838
.paleohacks.com/	1970-01-20 13:24:46	Name: _gid Value: GA1.2.1563726620.1689799838
.paleohacks.com/	1970-01-20 13:23:19	Name: _gat_UA-42752472-1 Value: 1
.paleohacks.com/	1970-01-20 22:08:55	Name: mp_094f94d6c32bfa82583bca2dbfc9eb1a_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A1896feb4795868-0dcdff4c02d13d-17333771-1d4c00-1896feb4795868%22%2C%22%24device_id%22%3A%20%221896feb4795868-0dcdff4c02d13d-17333771-1d4c00-1896feb4795868%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.paleohacks.com/	1970-01-20 13:23:19	Name: _dc_gtm_UA-81910700-1 Value: 1
.paleohacks.com/	1970-01-20 22:59:19	Name: __attentive_id Value: 95b9efd6ddcc4a4e97ec31d9e1246b00
.paleohacks.com/	1970-01-20 22:59:19	Name: _attn_ Value: eyJ1Ijoie1wiY29cIjoxNjg5Nzk5ODM3ODI0LFwidW9cIjoxNjg5Nzk5ODM3ODI0LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjk1YjllZmQ2ZGRjYzRhNGU5N2VjMzFkOWUxMjQ2YjAwXCJ9In0=
blog.paleohacks.com/	1970-01-20 22:59:19	Name: __attentive_cco Value: 1689799837826
.blog.paleohacks.com/	1970-01-20 22:08:55	Name: _pin_unauth Value: dWlkPU9UWmhaV0l3Wm1FdFlqbGtNQzAwTXpOakxUZzNNVGd0TXpNMFpUUTRaVGMwWXpaag
.paleohacks.com/	1970-01-20 13:23:21	Name: __attentive_pv Value: 1
.paleohacks.com/	1970-01-20 13:23:21	Name: __attentive_ss_referrer Value: ORGANIC
.paleohacks.com/	1970-01-20 13:24:46	Name: __attentive_dv Value: 1
blog.paleohacks.com/	1970-01-20 14:06:31	Name: ph-popup Value: shown
blog.paleohacks.com/	1970-01-20 14:06:31	Name: advanced_ads_pro_server_info Value: %7B%22vc_cache_reset%22%3A0%7D
.doubleclick.net/	1970-01-20 22:44:55	Name: IDE Value: AHWqTUnePr_fzHEmGogSAdy8WsANqrTcIQcMNMBnAQBOCFi1GAexqOX0LHDvI0yNWL4
.paleohacks.com/	1970-01-20 22:44:55	Name: __gads Value: ID=bd7ce3642064d851:T=1689799839:RT=1689799839:S=ALNI_MZ2Y-e0E-ItiOVrSE81MH2KREGOTg
.paleohacks.com/	1970-01-20 22:44:55	Name: __gpi Value: UID=00000c6cbd6c5172:T=1689799839:RT=1689799839:S=ALNI_MZ1J9ZIBGHEMpCkIiFirkMYYEI2rA
.casalemedia.com/	1970-01-20 22:08:55	Name: CMID Value: ZLhModCJ6AmXwwj5R5MIxgAA
.casalemedia.com/	1970-01-20 15:32:55	Name: CMPS Value: 5260
.casalemedia.com/	1970-01-20 15:32:55	Name: CMPRO Value: 5260
.doubleclick.net/	1970-01-20 17:42:31	Name: APC Value: Aa3gxNpZDlaQf4-Sv3fsotRpmdE9n7mInJQqf7ibwNesZgGjIRZGjQ
.adnxs.com/	1970-01-20 15:32:55	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>8j#T8U!]tbPl1M>e)ZlrFUfJ+tGXxouGM^@xB0>j8CyJ+L:Cv?@BHCP(b#q4R(!xVs3If)y3KL9D3I?+PF/<+_
.mathtag.com/	1970-01-20 14:06:31	Name: mt_mop Value: 4:1689799841
.adnxs.com/	1970-01-20 15:32:55	Name: uuid2 Value: 1759513922174892559
.de17a.com/	1970-01-20 22:01:43	Name: guid Value: 1.7179390685037289048
.yahoo.com/	1970-01-20 22:09:17	Name: A3 Value: d=AQABBKFMuGQCED2ipLp9G5_D-NVLI4KwD3cFEgEBAQGeuWTCZAAAAAAA_eMAAA&S=AQAAAonp2Em_ACSAx-D4eoswKes
.w55c.net/	1970-01-20 22:55:00	Name: wfivefivec Value: 01OK6tEr1Qme895
.w55c.net/	1970-01-20 14:06:31	Name: matchgoogle Value: 5
.everesttech.net/	1970-01-20 22:08:55	Name: everest_g_v2 Value: g_surferid~ZLhMoQACF65n1ABY

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: moz-extension://90f1d619-be9a-4fa0-8e2c-f0f18a8501ff/js/app.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: https://api.ipify.org/?format=json Message: Failed to load resource: net::ERR_EMPTY_RESPONSE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

178194.tracking.hyros.com
90f1d619-be9a-4fa0-8e2c-f0f18a8501ff
ade.googlesyndication.com
adservice.google.com
api-js.mixpanel.com
api.ipify.org
assets.pinterest.com
beacon-v2.helpscout.net
blog.paleohacks.com
cdn.attn.tv
cdn.mxpnl.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
ct.pinterest.com
d3hb14vkzrxvla.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
events.attentivemobile.com
fdf272162462bd09f7804fa4bbddaa63.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
links.paleohacks-mailing.com
log.pinterest.com
pagead2.googlesyndication.com
paleohacks.attn.tv
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.analytics.google.com
s.pinimg.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
track.mypaleorecipe.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
90f1d619-be9a-4fa0-8e2c-f0f18a8501ff
api.ipify.org
104.18.37.231
104.237.62.211
13.224.132.90
142.250.185.130
142.250.185.162
151.101.0.84
151.101.2.49
172.217.16.194
172.64.144.208
178.250.7.11
18.66.188.69
184.30.20.22
185.29.134.244
185.80.39.216
185.89.211.12
2001:4860:4802:34::36
213.155.156.168
2600:1901:0:498c::
2600:9000:26da:8000:1c:9484:cec0:93a1
2606:4700:10::6816:2c
2a00:1450:4001:806::2003
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
2a02:26f0:480:98a::1931
2a02:26f0:480:9b2::1931
2a02:fa8:8806:13::1400
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:d29:3602:c546:7174:9ab4:ee8d
2a06:98c1:3120::3
35.186.241.51
35.238.129.105
52.29.162.34
52.72.185.240
00b2af963104a4dd04e77c1013957d37b0b43c86ba566301e77ab9a3e015280a
0380b273ec272e5f5235a704cc3fc8e3cb33e851bfeaef149b0f23a1edaec13f
09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
148b72e9450623cd1e23e795db2e6a991a4f6ce8c64fe999d4833a6f10fd971e
150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92
159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
17261e1e24b36f491b475535ae6a936355583b54a19f0fd6d4d897f7d4f702a8
182d05c838e393157143b9aa48ae92cb00c8b6442e0a865149444e9f420991d9
18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082
194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e2bf21ab87ae83d5a2cb0f9ae0373e8eeb2ed0b7fb86ef8b4165a4bd381cf93
1fdac48b9f68485c5d80454f135523e538a3cfc8518bfa19dad5eda287203a98
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
23bdea452f4ec5b686ace95399e60903426e9fa7352600c25b040f07c1eef325
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
2681704b7a1a7233c8030f22511b5598fa4b03ba2c3a19e8689b4c4ec75a080e
2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93
2d1a754922199186d43c7e76757eddaeb26e350387294e0f69ac574bc54914f9
315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
339a321657ecb6479c45f7cec906302d7674934d0d2c7ae10053c395d866eca1
344d96950041cacaaa662fd937221ead75dbc7d565d7e0ed7bd62e6a65d85c04
346d8e3ad2bb516e393fb20a70cedeb12adf52ea195bddd1e64f1aeff935d3b7
3482405bf8580b1a680bd75e09d9ae7e56c9d11794565e540bf2a913008f5a9b
3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
4213eba6c464b3ca6fc71c748e2ba99f63f7f0b624199fd44127da67e40a3003
44918679259de2afdf9b998ff76ab2b5ab545931c176a48a0eb0fc0534dd2288
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48df57e7d19711e52ea797ee1a0605cbe4b6972042545f59216ad04974a6a103
49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c
495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4bc9b14802b6d61f16a9bd1820c6634000fae75d5a390a69f5521b1f186e95ec
4c62d51aaf287fa88754ecf89dbca0cd85f151d2562a6f931afd060480b3adc6
4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ae42d0c397a6e30fe68d290544dc4403525b0f84bd7fc05daaabae856cd92b
58133b0712cf520d51f84567083708af639db55e732a248248cb9aff2d79b97c
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5b51d8339e2e6ed036a3564bb0a3a4043b8ef5f772763ff4f4f4b92f54d2ddfb
5fcc89ee1dcff30a72b389ba5afdc255829e83db910b0b1f3351af881f83c5ec
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
634062706d04faaaffdd25d85147bfcc2b252e096cfad7ec3b8ae7b1e52296fb
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
679a1fcf545ea5d1a751b5a0fc4be99f73f4f2ee22fbfb3f0a90fdf6684b49fd
682b27e54462f82c7d74362de52e2aa29a0a0fa5edc381d664970eb94470fc5c
696518bd8dfc4146f7ddf61031068a38b84e326a0059e67038a3b61db40efb6f
6a69a0f8da52f401b953914ed46f36a66de2a61dfd54fe5f92b4d6585773c76a
6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
702e454db68e51f654a1d78a03fa706a9f0c10bc3d198493ce2ae741d0889baa
72ee83d94662d5c74646c88116b893ed59e98d9ec960433ab0e66f3481517289
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4
73b749b1f5bc98174ea385921e3f5b1ad518875088115f30c90807560cc202f3
766ae75d31bd669a0918b3b000893a0ede112fc353f188a2385b9b888ff106d1
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7c4491ff4342be2c096f05e243edd6fb1f26194269a5011adbf8076bf148bf58
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7d65165bc97cfd3ca4d71f2780b1daab90570a4b5b7c392854ab3d1b6a7adb3a
7ed2cc414480e507b884d3c2faefa876fef943440c9d260933eebaf781ac4d87
82fb2bfb03e32e45794938d1f65920a5340a725751292245d3de07ee8a8df0a0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833a47a0bb64a6d5647c22b94732cfd1baee4025b10d2cc0ad8b100e54f6da7b
83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87287076f288a27750d0c3737c4624bd59357c5b638cdf3f27f1763d85cd4a2f
896b044a707a1efded250dc66dee47b0cf24ec64beb0fb3f6a5c9be70c80a539
8b7e03d96b7488534a42f105301448c6b44acc3309f0c28c9a7920542eeaa9d3
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8e22de2f3daa81640b661557e04b0078e450dca1b4ac96005d657c6bc2f3ec28
8e5d5ef6607f115fb2745bb10dbbf0866820e13c3a1b90c87a3eddef3758d232
8fc15a92e4e7c6cf01d7e052a3fdc141b0ac780dc447a3e64a08156226b1b362
90bacfc71a649080e024d4eaed45ad2ba74f7154e2d73ec16ad5e87ed5a3d0df
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
977da30a8da124325b245a1d67aa0c68d9b21df6f731350d9b3ab61a879350c5
9780156160233045c4a72385f1b787a53d51deb520eb8f72010d7db92d82b4d0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c9fe2628c371c8c54d05fa9dd406fc21a6d25f6d0261092e37243205efc639b
9e74d79ea7ff2237e976687dbf185cb576b4fa4f2fa04647f611820dfff67268
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a30393da4743fa0ca3d93c14e3592728009fd1c7c531c1281b7877caa7fed1cc
a3c230ff5a72ffe0510f19977e0736c7370056def5536e94085875756675ea84
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a88d91cf92eb6234c20e22f94fd80207b737dcadc964054af28096b75e9914e3
aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1
aa695c44d39a9c3e4974ca59e09edd0dc507469d9522cf31165f87d45c1dc68d
ab6456ef0246f3d40fdb403bd81fed03ba17c7541266b465f06cc32f86649a73
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7dfd098effc4b854d5fcf8e7d2e39d0cc0e6a103642f97d724c438e515b9b71
b831509c9907934028f980287d38cbee3b89644e7133c2f4b8b7c5dfca476aed
b99d80835f66e8ccd6d6f6efec14101447ae061febd873c06f0bef9ba50786c5
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c5af66875dcaa4376a37580dec17528f5c1348d104a3a7b949ab7228f942f73c
c6102f07ce192d8f1e61b0a2e449a916e5d4d240dc47ab993fa1b39a5cdbcd84
c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596
ce42c615aceae9800c058e8682c78f53614419b465b6fdc51c8e146b4b37b253
ce59d61dafa78070b3370d353a810e7d8843f65a1fa340452f768dd5a275f876
cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db
cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c
d906982254784c5b8534a00447f41450b873b1d6a7ca71885fba9f7ccf2d52bf
dba5166ad9db9ba648c1032ebbd34dcd0d085b50023b839ef5c68ca1db93a563
dd0ca68e81ff1bab8be9add7a258d92b20e6aff9dc841cf21339ff405b002e85
dd37e2cd931803994ea8f76c16d3d81aa0aa6d6488a049df19c78a078043c8bb
dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
e0943b32c80a724a40de925f3fa31c502829263cf2ebd090d3606cdbd0b32ed6
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ede43b2ddb8f3b09a9062582da8619e3ade3da54e8e20c089848328488f0530a
ede5cfe5cd85ffdb96cb1fe0cfd5632a40fd4a5fb7f2ee2f4666c937a35e1611
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8aa869fc625fecb5d34741f668243bd711f17935395b3aa86afd3a39e1bf0a
f1b08cc33f61379c0f55720697db90b8eaedd6a95e4f9c1ba4e505b2606f2ec4
f34b136e79d860a61095e1596b6a8a39b38c73d8bf4449daf6968d90386338c2
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822
fb94dccf2419dd78e21ecaba757fed0df6f51de96a941b02e7e10c5f12d3d360
fc22b03cd2b5ae6dd2e8a557783fcad0f14d939e7eb8be2128dc3a75483087ba
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

blog.paleohacks.com Open in urlscan Pro 2606:4700:10::6816:2c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

196 Requests

94 %HTTPS

57 %IPv6

36 Domains

48 Subdomains

41 IPs

10 Countries

6911 kBTransfer

10807 kBSize

33 Cookies

10 Outgoing links

Page URL History

Redirected requests

196 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.paleohacks.com Open in urlscan Pro
2606:4700:10::6816:2c Public Scan

Screenshot
Live screenshot

Full Image

196
Requests

94 %
HTTPS

57 %
IPv6

36
Domains

48
Subdomains

41
IPs

10
Countries

6911 kB
Transfer

10807 kB
Size

33
Cookies

196 HTTP transactions
5 data transactions