blog.paleohacks.com Open in urlscan Pro
2606:4700:10::6816:2c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.paleohacks-mailing.com/a/168/click/10023614/746255798/_d94f77b964b80598ebd4e52cfd1eae932821f821/27d751682a134bfc49a7d45...
Effective URL:
https://blog.paleohacks.com/banana-flour/
Submission: On July 16 via api (July 16th 2023, 2:53:00 pm UTC) from BE — Scanned from DE

Summary HTTP 261 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 45 IPs in 8 countries across 42 domains to perform 261 HTTP transactions. The main IP is 2606:4700:10::6816:2c, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.paleohacks.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2023. Valid for: a year.

This is the only time blog.paleohacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
61	2606:4700:10:... 2606:4700:10::6816:2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	23.52.120.27 23.52.120.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.84.34.30 54.84.34.30	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:211... 2600:9000:211a:9600:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:350... 2a02:26f0:3500:889::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
5	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
3	23.212.88.20 23.212.88.20	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.64.150.25 172.64.150.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.43.48 104.18.43.48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 11	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
4	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	104.237.62.211 104.237.62.211	18450 (WEBNX) (WEBNX)
28	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	18.185.187.94 18.185.187.94	16509 (AMAZON-02) (AMAZON-02)
1 11	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 4	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:607b:7655:2828:f792	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.42.188.208 13.42.188.208	16509 (AMAZON-02) (AMAZON-02)
2	108.138.36.48 108.138.36.48	16509 (AMAZON-02) (AMAZON-02)
2	108.138.36.69 108.138.36.69	16509 (AMAZON-02) (AMAZON-02)
1	35.190.25.25 35.190.25.25	15169 (GOOGLE) (GOOGLE)
4	3.10.237.144 3.10.237.144	16509 (AMAZON-02) (AMAZON-02)
261	45

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.paleohacks-mailing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2606:4700:10::6816:2c (United States)

ASN13335 (CLOUDFLARENET, US)

blog.paleohacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.52.120.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.34.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-34-30.compute-1.amazonaws.com

178194.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211a:9600:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:889::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

track.mypaleorecipe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.150.25 (United States)

ASN13335 (CLOUDFLARENET, US)

paleohacks.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.43.48 (None, )

ASN13335 (CLOUDFLARENET, US)

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.237.62.211 (El Segundo, United States)

ASN18450 (WEBNX, US)
PTR: hosted-by.racknerd.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.187.94 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-187-94.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:18ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:607b:7655:2828:f792 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.42.188.208 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-188-208.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-48.muc50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-69.muc50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.25.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.25.190.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.10.237.144 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-237-144.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	paleohacks.com blog.paleohacks.com	571 KB
37	googlesyndication.com 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	314 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 30069 ad4m.at — Cisco Umbrella Rank: 9754 assets.ad4m.at — Cisco Umbrella Rank: 41291	946 KB
28	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	259 KB
14	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 113 region1.analytics.google.com — Cisco Umbrella Rank: 2556	2 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	218 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 20510 api.webgains.io — Cisco Umbrella Rank: 51644	63 KB
6	gstatic.com fonts.gstatic.com	177 KB
6	media.net contextual.media.net — Cisco Umbrella Rank: 675 lg3.media.net — Cisco Umbrella Rank: 6612	74 KB
5	mypaleorecipe.com track.mypaleorecipe.com	35 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	22 KB
5	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3423 ct.pinterest.com — Cisco Umbrella Rank: 745 log.pinterest.com — Cisco Umbrella Rank: 4645	20 KB
5	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 3488 paleohacks.attn.tv	43 KB
4	awin1.com www.awin1.com — Cisco Umbrella Rank: 16326	3 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 148578 static-de.ad4mat.net — Cisco Umbrella Rank: 192748	8 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com — Cisco Umbrella Rank: 1946	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 4752	776 B
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	333 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	196 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	244 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	3 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 59854	30 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 39920	4 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5037	651 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1067 r.turn.com — Cisco Umbrella Rank: 3947	869 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 633	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1777	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1044	2 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 833	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	161 KB
1	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 2733	374 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 857	338 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44074	612 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 862	465 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481	718 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2276	174 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	266 B
1	attentivemobile.com events.attentivemobile.com — Cisco Umbrella Rank: 3363	160 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 5599	18 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2382 Failed	223 B
1	hyros.com 178194.tracking.hyros.com
1	paleohacks-mailing.com 1 redirects links.paleohacks-mailing.com — Cisco Umbrella Rank: 666557	698 B
261	42

	Domain	Requested by
61	blog.paleohacks.com	blog.paleohacks.com track.mypaleorecipe.com
24	tpc.googlesyndication.com	blog.paleohacks.com securepubads.g.doubleclick.net tpc.googlesyndication.com 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
12	assets.ad4m.at	as.ad4m.at
11	cm.g.doubleclick.net	1 redirects 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
11	www.google.com	2 redirects blog.paleohacks.com tpc.googlesyndication.com 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	securepubads.g.doubleclick.net	blog.paleohacks.com securepubads.g.doubleclick.net 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com blog.paleohacks.com www.googletagservices.com
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com blog.paleohacks.com as.ad4m.at ad4m.at
6	fonts.gstatic.com	fonts.googleapis.com
5	track.mypaleorecipe.com	www.googletagmanager.com track.mypaleorecipe.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com blog.paleohacks.com
4	api.webgains.io	analytics.webgains.io
4	www.awin1.com	as.ad4m.at
4	03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google.de	blog.paleohacks.com
4	www.facebook.com	blog.paleohacks.com connect.facebook.net
4	googleads.g.doubleclick.net	www.googletagmanager.com blog.paleohacks.com 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
4	www.googletagservices.com	blog.paleohacks.com 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
4	connect.facebook.net	blog.paleohacks.com connect.facebook.net
3	ct.pinterest.com	s.pinimg.com blog.paleohacks.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	lg3.media.net	blog.paleohacks.com
3	cdn.attn.tv	blog.paleohacks.com www.googletagmanager.com cdn.attn.tv
3	contextual.media.net	blog.paleohacks.com contextual.media.net
3	fonts.googleapis.com	blog.paleohacks.com securepubads.g.doubleclick.net tpc.googlesyndication.com
2	cdn.track.production.webgains.team	as.ad4m.at track.webgains.com
2	analytics.webgains.io	track.webgains.com
2	track.webgains.com	as.ad4m.at
2	static-de.ad4mat.net	as.ad4m.at
2	prod-rtb.ad4mat.net	03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
2	d5p.de17a.com	2 redirects
2	c1.adform.net	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	s.tribalfusion.com	03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
2	a.tribalfusion.com	2 redirects
2	pm.w55c.net	2 redirects
2	adservice.google.com	securepubads.g.doubleclick.net
2	paleohacks.attn.tv	cdn.attn.tv
2	s.pinimg.com	blog.paleohacks.com s.pinimg.com
2	www.googletagmanager.com	blog.paleohacks.com www.googletagmanager.com
1	api-js.mixpanel.com	cdn.mxpnl.com
1	onetag-sys.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	cms.quantserve.com	03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
1	r.turn.com	03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	tr.blismedia.com	03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
1	match.adsrvr.org	03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
1	log.pinterest.com	blog.paleohacks.com
1	region1.analytics.google.com	www.googletagmanager.com
1	events.attentivemobile.com	cdn.attn.tv
1	cdn.mxpnl.com	blog.paleohacks.com
1	assets.pinterest.com	blog.paleohacks.com
1	api.ipify.org	blog.paleohacks.com track.mypaleorecipe.com
1	178194.tracking.hyros.com	blog.paleohacks.com
1	links.paleohacks-mailing.com	1 redirects
261	59

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
plus.google.com
www.pinterest.com
twitter.com
www.youtube.com
shop.paleohacks.com
pinterest.com
www.ncbi.nlm.nih.gov
www.abc.net.au
www.bmj.com
www.naturalevolutionfoods.com.au
www.andjrnl.org
ajcn.nutrition.org
www.researchgate.net
www.sciencedirect.com
www.omicsonline.org
www.nutryttiva.us
bananaflour.com
phaff.resurge.hop.clickbank.net
paleohacks.go2cloud.org
www.copyarc.com
paleohacks.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-24` - `2023-07-23`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
tracking.hyros.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.attn.tv Amazon RSA 2048 M01	`2023-05-02` - `2024-05-29`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
attentivemobile.com Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-06-04` - `2023-09-02`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.mixpanel.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://blog.paleohacks.com/banana-flour/
Frame ID: D0CDA55D8CB164CEF2FBBCE77E0A0AA4
Requests: 140 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CUG3G308&https=1&itype=CM
Frame ID: 32BA8A397869C8EBB37BE9773619DF56
Requests: 1 HTTP requests in this frame

Frame: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3B3490B45C38A9BF8D385EA41D5B53BC
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 960538CA1B130A8C29964ABFD4D1EA9A
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c869b8768ae6c%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff3c6b0d4ec65c4c%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width=
Frame ID: AB5635B50796DEAC6FFD9F5729DADD0D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df21d73ec402cb3c%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff3c6b0d4ec65c4c%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: 8048774612936B74F6CD18CA99670A22
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 35CB1D6D2DC0E7D44834068C87EBE9E5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: DD87122FE003024F47D614DC4A239A1D
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5611FE8A0D6B1CCC260EBE978E48DC2D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 90E9576B294369932CBC96F31509DC2A
Requests: 2 HTTP requests in this frame

Frame: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 38916A4016902902371AAEEFE5DF120E
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: 686600DCA9247FEA161AFC0E26D076AB
Requests: 16 HTTP requests in this frame

Frame: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 39C0E63AA5AE4E0BC8F35F825A94A467
Requests: 1 HTTP requests in this frame

Frame: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D2AE39ACC78284D189CFB5AD5AFC8C13
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jsvx01jmnzzn0y3fymqyf8cjhj3gqngdr2w4nnhehww24qj6sbmn21zmjhtgf0qn99j6s1wfcypgvmj2wsbkypmhtrt9k4waearjp56jdk7256343t5pkza4tectn5wxbfnnf8jhjxwwy31afz1yhkw2k6zc0bj24tq45wxz2geenjnh394gsfrp1f926v7exjmbthjpsm5n94twz39s5ztjjp8qr6hccvgnk9nc65sdvfd8dxt7yd1v4y6wpxrz9k7yss550wp4ch2s8rkvh1v4w6fha1csx8bzap9hrfasz2v2fs6yztb9ywmz9d0dpas6s9ytxq3hhsg044gk95m8tvzhhxnka6xktfe58chctpcqn4202h54rsace5jwvr8ngns26prvqzqw8m198t1qe0bznwd0vzft5f8zn2h29gkqr29g4fdmyfrxyhmepva4q4zwm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: 51B8EE69B629E3604396FEE0AAEE2DD7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 361D2C511AAFB0B3FD3F78121D95EE41
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jsjtnrh3yr44vstwccmrnm019r3pt13jw9pjsxzzpn32qsypmf8y1n03w4gg8c9vcv5v5nan4tc0rc1x9n5499z3h0yk3qnf5cgbc59p0acbyzvp5t8xfc0em934ph7p007y61r4r0xx5z9m4q5zk5mwxfgvey4fr9baxavm4mw6ej9m2rb4mvewdc79gnqrx36aeqszn7aeq01sbfap6pdnhvz496g8ekgvcm35jfqh3zm0f3act69kfvcswdwjsd8q5r3h6agm8x5q206qja24v02t9ddywc2ejafrf7h8kcdr15zpkysp1hae1vwphv1nv2nynr6mq2rvvvcsb0mf238eb6q8wxrmfmkdpf4en3chvb21xrs139s3f550n2nv1hyp4575kt84mpzaf2z5b0658rjm24t2thkp0cc2wjaqedrkawrgsr75a1jabx7rfpk6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%26client%3Dca-pub-5144389657785565%26adurl%3D
Frame ID: C51E5476DC28CEBD0EEE1B86B70A8CC1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Frame ID: 8EDE9E7FF1A27D102E3543EB80618688
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 82C1F448300D3C8A8125198D5BF9632D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: BA802BE0A8F2B47582A33C4842D6FCDB
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FC6931EC6F20D2CAF1F3A0AA33F62D20
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 693F64A7517454D99708C0020C1BBDC1
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D5F9307E2F7DC03FDABE3B369BC686EC
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=9b5bf41d330787b8662d012918033612%2F7385498229648963024&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Frame ID: C72C81BF4465393B894B59CE27F907D0
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=1594f18d3f544ea7a429e1fbc406df5f%2F3076366945171163883&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175490&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Frame ID: CEBD49BA68FFBCAFC02AB4E19235DBCF
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banana Flour: A Resistant Starch and Gluten-Free AlternativeFacebookGoogle+PinterestTwitterYouTubeFacebookPinterestTwitterYouTube

Page URL History Show full URLs

https://links.paleohacks-mailing.com/a/168/click/10023614/746255798/_d94f77b964b80598ebd4e52cfd1eae932821f821/27d... HTTP 302
https://blog.paleohacks.com/banana-flour/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

261
Requests

95 %
HTTPS

56 %
IPv6

42
Domains

59
Subdomains

45
IPs

8
Countries

3436 kB
Transfer

8161 kB
Size

40
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/paleohacks
Title: Facebook

Search URL Search Domain Scan URL

URL: https://plus.google.com/+Paleohacks1/posts
Title: Google+

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/paleohacks/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/paleohacks
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Paleohacks
Title: YouTube

Search URL Search Domain Scan URL

URL: https://shop.paleohacks.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://blog.paleohacks.com/banana-flour/&display=popup&ref=plugin&src=share_button
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://blog.paleohacks.com/banana-flour/&text=Banana%20Flour%3A%20A%20Resistant%20Starch%20and%20Gluten-Free%20Alternative
Title: Tweet2.2k

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://blog.paleohacks.com/banana-flour/&media=https://blog.paleohacks.com/wp-content/uploads/2017/02/Banana-Flour-A-Resistant-Starch-and-Gluten-Free-Alternative.jpg&description=Banana%20Flour:%20A%20Resistant%20Starch%20and%20Gluten-Free%20Alternative
Title: Pin

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pubmed/24582585
Title: 1

Search URL Search Domain Scan URL

URL: http://www.abc.net.au/news/2015-08-31/chocolate-bar-made-from-green-banana-flour/6739014
Title: 2

Search URL Search Domain Scan URL

URL: http://www.bmj.com/content/346/bmj.f1378
Title: 3

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pubmed/25540137
Title: 4

Search URL Search Domain Scan URL

URL: https://www.naturalevolutionfoods.com.au/nutritional-information/
Title: 5

Search URL Search Domain Scan URL

URL: http://www.andjrnl.org/article/S2212-2672(12)00473-X/abstract
Title: 6

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pubmed/25701700
Title: 7

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3705319/
Title: 8

Search URL Search Domain Scan URL

URL: http://ajcn.nutrition.org/content/75/1/104.full
Title: 9

Search URL Search Domain Scan URL

URL: http://ajcn.nutrition.org/content/55/2/420.abstract?ijkey=3874a8ea3d60df4259637fe7fb4355ec0028f192&keytype2=tf_ipsecsha
Title: 10

Search URL Search Domain Scan URL

URL: https://www.researchgate.net/publication/222301668_Unripe_banana_flour_as_an_ingredient_to_increase_the_indigestible_carbohydrate_of_pasta
Title: 11

Search URL Search Domain Scan URL

URL: http://www.sciencedirect.com/science/article/pii/S1671292708601182
Title: 12

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pubmed/21831780
Title: 13

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pubmed/19285600
Title: 14

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pubmed/24499148
Title: 15

Search URL Search Domain Scan URL

URL: http://www.sciencedirect.com/science/article/pii/S1658077X15300837
Title: 16

Search URL Search Domain Scan URL

URL: https://www.omicsonline.org/open-access/comparative-study-of-ripe-and-unripe-banana-flour-during-storage-2157-7110.1000384.php?aid=36152
Title: 17

Search URL Search Domain Scan URL

URL: http://www.nutryttiva.us/
Title: Nutryttiva

Search URL Search Domain Scan URL

URL: http://bananaflour.com/
Title: WEDO

Search URL Search Domain Scan URL

URL: https://www.naturalevolutionfoods.com.au/
Title: Natural Evolution

Search URL Search Domain Scan URL

URL: http://phaff.resurge.hop.clickbank.net/?lid=3&tid=resurgetxt

Search URL Search Domain Scan URL

URL: https://paleohacks.go2cloud.org/aff_c?offer_id=21&aff_id=1000&aff_sub=kipcta

Search URL Search Domain Scan URL

URL: http://www.copyarc.com/
Title: his website

Search URL Search Domain Scan URL

URL: https://twitter.com/copyarc
Title: on Twitter

Search URL Search Domain Scan URL

URL: http://paleohacks.com/
Title: Discussion

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.paleohacks-mailing.com/a/168/click/10023614/746255798/_d94f77b964b80598ebd4e52cfd1eae932821f821/27d751682a134bfc49a7d4559b21a67cb31823f6 HTTP 302
https://blog.paleohacks.com/banana-flour/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 204

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGgYed7VJ35_ADTmAQAjHtE&google_cver=1&google_push=AaAOQGGeI-qBcfcLZMH7Ux9nkmPrDD4hWa-zBhTe2iv8-Ms9Yf5tgUJ9ccW3JEJjN0-75SVnQ_wqg1Pbm7u5I5a3oAF83qcZRIybXpo HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGgYed7VJ35_ADTmAQAjHtE&google_cver=1&google_push=AaAOQGGeI-qBcfcLZMH7Ux9nkmPrDD4hWa-zBhTe2iv8-Ms9Yf5tgUJ9ccW3JEJjN0-75SVnQ_wqg1Pbm7u5I5a3oAF83qcZRIybXpo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGluVWVKTXQxUWwzN2c1&google_gid=CAESEGgYed7VJ35_ADTmAQAjHtE&google_cver=1&google_push=AaAOQGGeI-qBcfcLZMH7Ux9nkmPrDD4hWa-zBhTe2iv8-Ms9Yf5tgUJ9ccW3JEJjN0-75SVnQ_wqg1Pbm7u5I5a3oAF83qcZRIybXpo

Request Chain 205

https://a.tribalfusion.com/i.match?p=b6&u=CAESEI2MigJ3llrySdUhaRktpHA&google_cver=1&google_push=AaAOQGG_24tySrXchPU65Vqx7n_Pcwbqb7PimGxPBgwjzeRVuMRR7hgvB4cm3ATq6TeqhPLIHuZcuaaqoPR_zNdGPH1YCZnBy-u---Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGG_24tySrXchPU65Vqx7n_Pcwbqb7PimGxPBgwjzeRVuMRR7hgvB4cm3ATq6TeqhPLIHuZcuaaqoPR_zNdGPH1YCZnBy-u---Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2MigJ3llrySdUhaRktpHA&google_cver=1&google_push=AaAOQGG_24tySrXchPU65Vqx7n_Pcwbqb7PimGxPBgwjzeRVuMRR7hgvB4cm3ATq6TeqhPLIHuZcuaaqoPR_zNdGPH1YCZnBy-u---Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGG_24tySrXchPU65Vqx7n_Pcwbqb7PimGxPBgwjzeRVuMRR7hgvB4cm3ATq6TeqhPLIHuZcuaaqoPR_zNdGPH1YCZnBy-u---Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 208

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKA2q9rlV_ltQbA4UEBhYCs&google_cver=1&google_push=AaAOQGEGryBLdWHkrfXqRY6hBI90RqdZicgqoruhlUc7Fo7qVl2PBIjaI_P0iQRUtrJ1XdhWfGqPzF6oS5TJ1EQjVQfkLxaJ2D077Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NjQyOTU5ODMyNTQwNTg0Mg%3D%3D&google_push=AaAOQGEGryBLdWHkrfXqRY6hBI90RqdZicgqoruhlUc7Fo7qVl2PBIjaI_P0iQRUtrJ1XdhWfGqPzF6oS5TJ1EQjVQfkLxaJ2D077Q

Request Chain 209

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOJ9hXiDAn39sTGFpn1Plxg&google_cver=1&google_push=AaAOQGFOdBkZUARNbwLV3X2j1B6Rch-wDBAn6WYn_NjenM0LrCYS7ImQdVyGcVZX0NoDNwfxH8HjgEejReJ-ScYN3Fr59sWEf9EcrvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFOdBkZUARNbwLV3X2j1B6Rch-wDBAn6WYn_NjenM0LrCYS7ImQdVyGcVZX0NoDNwfxH8HjgEejReJ-ScYN3Fr59sWEf9EcrvQ&google_hm=eS1reWd6VjRaRTJwRXZBOXNwRUFraTZFakNldVpGcGVBbH5B

Request Chain 210

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO00WT3ZmFF5xoTwNVVj2kg&google_cver=1&google_push=AaAOQGHuW3CzXMYdFIiOv90mrXI1uJvSdrb-abqjdLpmBnHHXGrtcc9jRYtlvZ3l7sGFuKXrNXiKfSeXv8cT_A6U4RiDqOcRMPzMe4E HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO00WT3ZmFF5xoTwNVVj2kg&google_cver=1&google_push=AaAOQGHuW3CzXMYdFIiOv90mrXI1uJvSdrb-abqjdLpmBnHHXGrtcc9jRYtlvZ3l7sGFuKXrNXiKfSeXv8cT_A6U4RiDqOcRMPzMe4E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY2NzE2OTY4NTU0NzY4NzE3OA&google_push=AaAOQGHuW3CzXMYdFIiOv90mrXI1uJvSdrb-abqjdLpmBnHHXGrtcc9jRYtlvZ3l7sGFuKXrNXiKfSeXv8cT_A6U4RiDqOcRMPzMe4E

Request Chain 212

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGg-j6Y6XiDnnjc7r3-fciQ&google_cver=1&google_push=AaAOQGFyba3OWMXnmusS0bOLlAkjspho0_j8OSbHzHoI6DuYj_mWy0VyTpD-ikDQy1-IHUPmQ7xgG3VwKXyQVJalynDA3rbZudWOjA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODIwODM5MjYxMTk1NTM3MzIxNQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGg-j6Y6XiDnnjc7r3-fciQ&google_cver=1

Request Chain 214

https://a.tribalfusion.com/i.match?p=b6&u=CAESEI2MigJ3llrySdUhaRktpHA&google_cver=1&google_push=AaAOQGEsCUcAntjdFtTRNzAi4OlZgo-OmFzEUHJinZc0sL6rn99mPwuFtFqCR2uYwr1R6AxYjD3T3MKhW3v_Aqfq-2auqtL5bjq3oQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEsCUcAntjdFtTRNzAi4OlZgo-OmFzEUHJinZc0sL6rn99mPwuFtFqCR2uYwr1R6AxYjD3T3MKhW3v_Aqfq-2auqtL5bjq3oQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2MigJ3llrySdUhaRktpHA&google_cver=1&google_push=AaAOQGEsCUcAntjdFtTRNzAi4OlZgo-OmFzEUHJinZc0sL6rn99mPwuFtFqCR2uYwr1R6AxYjD3T3MKhW3v_Aqfq-2auqtL5bjq3oQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEsCUcAntjdFtTRNzAi4OlZgo-OmFzEUHJinZc0sL6rn99mPwuFtFqCR2uYwr1R6AxYjD3T3MKhW3v_Aqfq-2auqtL5bjq3oQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 215

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBt8mZU58KDKlQ-M7F81qOI&google_cver=1&google_push=AaAOQGGdcq5BRtzWrGyaTkcPJ8Iz7U_I95qaFZ89B6RTG6yTxWOcz4g1-Ay-TYkvsAAl-2fAOQhCsij7Yfdw1bMczgQUXgpgtrrCJA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGdcq5BRtzWrGyaTkcPJ8Iz7U_I95qaFZ89B6RTG6yTxWOcz4g1-Ay-TYkvsAAl-2fAOQhCsij7Yfdw1bMczgQUXgpgtrrCJA&google_hm=OWqXaXkLRu2kCrPppexMkhM

Request Chain 216

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKA2q9rlV_ltQbA4UEBhYCs&google_cver=1&google_push=AaAOQGF3MlJscdzYqaz-HWyBAbWQTDaCJKNJo9XcTjRBFKgJG3t08KUS5VATGlrQpcGuX6z9R_FGizUAhh7u8h3sIG9pVBiWRIeo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NjQyOTU5ODMyNjY1MTAyNg%3D%3D&google_push=AaAOQGF3MlJscdzYqaz-HWyBAbWQTDaCJKNJo9XcTjRBFKgJG3t08KUS5VATGlrQpcGuX6z9R_FGizUAhh7u8h3sIG9pVBiWRIeo

Request Chain 217

https://d5p.de17a.com/cookies/google?google_gid=CAESEFDnueLJCabVMvcNBMJGfKw&google_cver=1&google_push=AaAOQGGRWDlDi95MjtE1joVcN5ZR3Z-rYoxMhUHNFux8I2_f41TlWf-nKay-VogWf54qdyo4J1FdWKIyvznRlG1A4MGPnJCMtFHpvw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFDnueLJCabVMvcNBMJGfKw&google_cver=1&google_push=AaAOQGGRWDlDi95MjtE1joVcN5ZR3Z-rYoxMhUHNFux8I2_f41TlWf-nKay-VogWf54qdyo4J1FdWKIyvznRlG1A4MGPnJCMtFHpvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGRWDlDi95MjtE1joVcN5ZR3Z-rYoxMhUHNFux8I2_f41TlWf-nKay-VogWf54qdyo4J1FdWKIyvznRlG1A4MGPnJCMtFHpvw

Request Chain 218

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEF3OxI3tlS5nSJT0GSTMvT0&google_cver=1&google_push=AaAOQGHnb6VMXia0fv3Z7h_9sxsz8f9gdoR3AcgWM9GSILIF2wobpNU7yriT6DoogtUwuRsfFGlBU5VfZ61Sxnu53dArIjljcCWbog HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHnb6VMXia0fv3Z7h_9sxsz8f9gdoR3AcgWM9GSILIF2wobpNU7yriT6DoogtUwuRsfFGlBU5VfZ61Sxnu53dArIjljcCWbog

Request Chain 232

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

261 HTTP transactions
23 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blog.paleohacks.com/banana-flour/
Redirect Chain

https://links.paleohacks-mailing.com/a/168/click/10023614/746255798/_d94f77b964b80598ebd4e52cfd1eae932821f821/27d751682a134bfc49a7d4559b21a67cb31823f6
https://blog.paleohacks.com/banana-flour/

154 KB
33 KB

746ms
685ms

Document
text/html

2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.23
Resource Hash: 4461979c309e565bf106090df3dc85cd682a3a1cda3ef04668164902adb32afb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7e7b1241899f9130-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 16 Jul 2023 14:52:51 GMT
expires: Sun, 16 Jul 2023 14:52:51 GMT
last-modified: Sun, 16 Jul 2023 12:16:12 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.3.23

Redirect headers

cache-control: no-cache
content-type: text/html; charset=utf-8
date: Sun, 16 Jul 2023 14:52:50 GMT
location: https://blog.paleohacks.com/banana-flour/
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.14.0 + Phusion Passenger 5.3.5
status: 302 Found
transfer-encoding: chunked
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger 5.3.7
x-request-id: 759fd068-4f5c-46ae-a066-26db403b028c
x-runtime: 0.030676
x-xss-protection: 1; mode=block

GET
H2 200 cookie-popup.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 0
165 B 33ms
29ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/cookie-popup.min.css?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 14:52:51 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 45314
etag: "60d1dffd-0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7e7b1245e83d9130-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Tue, 15 Aug 2023 02:17:37 GMT

GET
H2 200 dashicons.min.css
blog.paleohacks.com/wp-content/cache/min/1/wp-includes/css/ 58 KB
35 KB 41ms
38ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-includes/css/dashicons.min.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82fb2bfb03e32e45794938d1f65920a5340a725751292245d3de07ee8a8df0a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 246048
etag: W/"643966cb-e6e4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b1245e8429130-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 12 Aug 2023 18:32:03 GMT

GET
H2 200 shared-counts.min.css
blog.paleohacks.com/wp-content/plugins/Shared-Counts-develop/assets/css/ 26 KB
3 KB 51ms
48ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/Shared-Counts-develop/assets/css/shared-counts.min.css?ver=1.4.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21f25f7bc7b9666cbf2a6dff9d5e82c5f8ca9b60afda6726fa78e8f80ab32f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Oct 2019 15:03:04 GMT
server: cloudflare
age: 2424564
etag: W/"5d9b53a8-6886"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b1245e8479130-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Jul 2023 13:23:27 GMT

GET
H2 200 style.min.css
blog.paleohacks.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 39ms
36ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:09:15 GMT
server: cloudflare
age: 45314
etag: W/"5f7cc0db-d293"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b1245e84a9130-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 02:17:37 GMT

GET
H2 200 style.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 187 KB
17 KB 36ms
33ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/style.min.css?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 558127
etag: W/"60d1dffd-2ea5c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b1245e84c9130-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 09 Aug 2023 03:50:44 GMT

GET
H2 200 font-awesome.min.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/ 31 KB
7 KB 55ms
51ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 339a321657ecb6479c45f7cec906302d7674934d0d2c7ae10053c395d866eca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 246048
etag: W/"643966cb-7b13"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b1245e84d9130-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 12 Aug 2023 18:32:03 GMT

GET
H2 200 fonts.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/ 3 KB
384 B 55ms
52ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/css/fonts/fonts.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c4491ff4342be2c096f05e243edd6fb1f26194269a5011adbf8076bf148bf58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 246048
etag: W/"643966cb-a81"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b1245e8509130-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 12 Aug 2023 18:32:03 GMT

GET
H2 200 front.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/css/ 729 B
352 B 33ms
30ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/css/front.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c9fe2628c371c8c54d05fa9dd406fc21a6d25f6d0261092e37243205efc639b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
age: 246048
etag: W/"643966cb-2d9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b1245e8529130-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 12 Aug 2023 18:32:03 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/css/ 2 KB
803 B 35ms
32ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/css/style.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3c230ff5a72ffe0510f19977e0736c7370056def5536e94085875756675ea84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 246048
cf-polished: origSize=2221
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
etag: W/"643966cb-8ad"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b1245e8539130-FRA
expires: Sat, 12 Aug 2023 18:32:03 GMT

GET
H2 200 twitter-feed.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/wp-to-twitter/css/ 1 KB
529 B 55ms
52ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=1681483467
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344d96950041cacaaa662fd937221ead75dbc7d565d7e0ed7bd62e6a65d85c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 246048
cf-polished: origSize=1466
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:27 GMT
server: cloudflare
etag: W/"643966cb-5ba"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b1245e8549130-FRA
expires: Sat, 12 Aug 2023 18:32:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 87ms
35ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0&display=swap

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

896b044a707a1efded250dc66dee47b0cf24ec64beb0fb3f6a5c9be70c80a539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 14:52:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 14:52:51 GMT

GET
H2 200 mai-theme.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 74 KB
14 KB 57ms
54ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/mai-theme.min.css?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 1967442
etag: W/"606c5cdc-1264a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b124608759130-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jul 2023 20:22:09 GMT

GET
H2 200 flexington.min.css
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/ 93 KB
8 KB 56ms
53ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/css/flexington.min.css?ver=2.5.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 1967442
etag: W/"606c5cdc-174c5"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b124608779130-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jul 2023 20:22:09 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/simple-social-icons/css/ 1 KB
453 B 55ms
53ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/simple-social-icons/css/style.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 246048
cf-polished: origSize=1055
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-41f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b124608799130-FRA
expires: Sat, 12 Aug 2023 18:32:03 GMT

GET
H2 200 jquery-ui.min.css
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/ 43 KB
8 KB 59ms
57ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/css/jquery-ui.min.css?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 45314
etag: W/"60d1dffd-ac08"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b1246087b9130-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 02:17:37 GMT

GET
H2 200 sspop.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/css/ 3 KB
1 KB 55ms
53ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/css/sspop.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 246048
cf-polished: origSize=3500
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-dac"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b1246087d9130-FRA
expires: Sat, 12 Aug 2023 18:32:03 GMT

GET
H2 200 style.css
blog.paleohacks.com/wp-content/cache/min/1/wp-content/themes/paleohacks/ 22 KB
5 KB 56ms
54ms Stylesheet
text/css 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/themes/paleohacks/style.css?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b51d8339e2e6ed036a3564bb0a3a4043b8ef5f772763ff4f4f4b92f54d2ddfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 246048
cf-polished: origSize=22749
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
etag: W/"643966cc-58dd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7e7b1246087f9130-FRA
expires: Sat, 12 Aug 2023 18:32:03 GMT

GET
H2 200 jquery.js Show response
blog.paleohacks.com/wp-includes/js/jquery/ 95 KB
34 KB 62ms
60ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 23 Aug 2019 16:00:11 GMT
server: cloudflare
age: 337613
cf-polished: origSize=96873
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b124608809130-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 19 Jul 2023 17:05:58 GMT

GET
H3 200 service-facebook-pixel.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 53 B
330 B 29ms
28ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/service-facebook-pixel.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b831509c9907934028f980287d38cbee3b89644e7133c2f4b8b7c5dfca476aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 153412
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12465ed29bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:15:59 GMT

GET
H3 200 634.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/856/public/assets/js/ 11 KB
4 KB 32ms
32ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/856/public/assets/js/634.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7dfd098effc4b854d5fcf8e7d2e39d0cc0e6a103642f97d724c438e515b9b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 153412
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12466ef29bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:15:59 GMT

GET
H3 200 gtm4wp-form-move-tracker.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
536 B 35ms
31ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0380b273ec272e5f5235a704cc3fc8e3cb33e851bfeaef149b0f23a1edaec13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 149017
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467efb9bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 21:29:14 GMT

GET
H3 200 675.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/assets/ 5 KB
2 KB 33ms
29ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/assets/675.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c62d51aaf287fa88754ecf89dbca0cd85f151d2562a6f931afd060480b3adc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 204229
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f009bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 06:09:02 GMT

GET
H3 200 svgxuse.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/simple-social-icons/ 4 KB
2 KB 36ms
31ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5af66875dcaa4376a37580dec17528f5c1348d104a3a7b949ab7228f942f73c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 153412
cf-polished: origSize=3843
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f029bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:15:59 GMT

GET
H3 200 cookie-list.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 910 B
646 B 50ms
45ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-list.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182d05c838e393157143b9aa48ae92cb00c8b6442e0a865149444e9f420991d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 153412
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f039bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:15:59 GMT

GET
H3 200 653.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/ 90 KB
27 KB 53ms
49ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72ee83d94662d5c74646c88116b893ed59e98d9ec960433ab0e66f3481517289

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 153412
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f059bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:15:59 GMT

GET
H3 200 dtag.js Show response
blog.paleohacks.com/wp-content/cache/min/1/paleohacks/ 3 KB
2 KB 36ms
32ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/paleohacks/dtag.js?ver=1681483468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e5d5ef6607f115fb2745bb10dbbf0866820e13c3a1b90c87a3eddef3758d232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:28 GMT
server: cloudflare
age: 234475
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f069bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 20 Jul 2023 21:44:56 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 93ms
20ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

568c36edcccc8be7e3219f747d479ae3dd688c4c165ec5c102aaf768cbbd811e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Jul 2023 14:52:51 GMT
content-md5: ACNBgCZqbODcuhQtVtma4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-debug: I8xtTPLVW3BAA39R1Xh093f751JggTpQ4KZz8sK7EeZzJj9jkGoua5XFt1Kle6kXZ86PRpXRr+MewLs60hkr/A==
x-fb-content-md5: 2a7d07896ad086decc1661625269919b
cross-origin-opener-policy: same-origin-allow-popups
etag: "d077413e633ca267b68e97f57948406a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:09:29 GMT

GET
H3 200 gpt.js Show response
blog.paleohacks.com/wp-content/cache/min/1/tag/js/ 78 KB
27 KB 71ms
66ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23bdea452f4ec5b686ace95399e60903426e9fa7352600c25b040f07c1eef325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:29 GMT
server: cloudflare
age: 153412
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f079bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:15:59 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 102 KB
38 KB 151ms
52ms Script
text/javascript 23.52.120.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUG3G308

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-120-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5785929e6ad36f1b35ea4d96892e6d58864a733446f5ce6d6dfd16c9c82d6212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-mnt-h: 21-gzkn
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 16 Jul 2023 14:52:51 GMT
server: Apache
etag: "02672f915d2d42451105dac549134a7d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-ks67
timing-allow-origin: *
content-length: 38767
expires: Sun, 16 Jul 2023 14:57:51 GMT

GET
H3 200 pinit.js Show response
blog.paleohacks.com/wp-content/cache/min/1/js/ 360 B
467 B 74ms
70ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/js/pinit.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b99d80835f66e8ccd6d6f6efec14101447ae061febd873c06f0bef9ba50786c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 153412
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f099bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:15:59 GMT

GET
H3 200 cookie-popup.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 14 KB
3 KB 36ms
32ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/ct-ultimate-gdpr/assets/js/cookie-popup.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6102f07ce192d8f1e61b0a2e449a916e5d4d240dc47ab993fa1b39a5cdbcd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 153412
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f0a9bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:15:59 GMT

GET
H3 200 jquery.base64.min.js Show response
blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/ 2 KB
931 B 86ms
82ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/ct-ultimate-gdpr/assets/js/jquery.base64.min.js?ver=2.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 13:05:01 GMT
server: cloudflare
age: 320447
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f0b9bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 19 Jul 2023 21:52:04 GMT

GET
H3 200 shared-counts.min.js Show response
blog.paleohacks.com/wp-content/plugins/Shared-Counts-develop/assets/js/ 2 KB
1 KB 86ms
82ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/Shared-Counts-develop/assets/js/shared-counts.min.js?ver=1.4.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79148d3b353f75f4b122ec75e03dd4470a1878599a5f148123f103cfdae350ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Oct 2019 15:03:04 GMT
server: cloudflare
age: 276961
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f0c9bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 20 Jul 2023 09:56:49 GMT

GET
H3 200 front.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/js/ 259 B
411 B 49ms
45ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/other-popular-articles/assets/js/front.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ede43b2ddb8f3b09a9062582da8619e3ade3da54e8e20c089848328488f0530a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 153412
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f0d9bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:15:59 GMT

GET
H3 200 popup.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/js/ 2 KB
951 B 87ms
83ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/paleohacks-tools-soften-it/assets/js/popup.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f34b136e79d860a61095e1596b6a8a39b38c73d8bf4449daf6968d90386338c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 153412
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f0e9bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:15:59 GMT

GET
H3 200 556.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/578/public/assets/js/ 4 KB
1 KB 87ms
83ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/578/public/assets/js/556.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd37e2cd931803994ea8f76c16d3d81aa0aa6d6488a049df19c78a078043c8bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 153412
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f0f9bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:15:59 GMT

GET
H3 200 comment-reply.min.js Show response
blog.paleohacks.com/wp-includes/js/ 3 KB
1 KB 50ms
46ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/comment-reply.min.js?ver=5.5.12
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 11:54:45 GMT
server: cloudflare
age: 369228
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f109bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 19 Jul 2023 08:19:03 GMT

GET
H3 200 hoverIntent.min.js Show response
blog.paleohacks.com/wp-includes/js/ 1 KB
714 B 35ms
31ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 11:54:45 GMT
server: cloudflare
age: 338654
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f129bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 19 Jul 2023 16:48:37 GMT

GET
H3 200 superfish.min.js Show response
blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/ 4 KB
2 KB 50ms
46ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:10:24 GMT
server: cloudflare
age: 79201
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f139bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 16:52:50 GMT

GET
H3 200 skip-links.min.js Show response
blog.paleohacks.com/wp-content/themes/genesis/lib/js/ 386 B
443 B 51ms
46ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.3
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 19:10:24 GMT
server: cloudflare
age: 276961
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f149bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 20 Jul 2023 09:56:49 GMT

GET
H3 200 mai-theme.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 10 KB
3 KB 51ms
47ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-theme.min.js?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 366680
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f169bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 19 Jul 2023 09:01:31 GMT

GET
H3 200 basic-scroll.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 10 KB
3 KB 87ms
83ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/basic-scroll.min.js?ver=3.0.2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 537055
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f189bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 09:41:55 GMT

GET
H3 200 mai-scroll.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 4 KB
1 KB 88ms
84ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/mai-scroll.min.js?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 511112
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f1a9bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 16:54:19 GMT

GET
H3 200 fitvids.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 2 KB
947 B 89ms
85ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids.min.js?ver=1.2.0
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 79201
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f1c9bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 16:52:50 GMT

GET
H3 200 fitvids-init.min.js Show response
blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/ 68 B
284 B 89ms
85ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/mai-theme-engine/assets/js/fitvids-init.min.js?ver=1.11.9
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:06:36 GMT
server: cloudflare
age: 338654
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f1e9bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 19 Jul 2023 16:48:37 GMT

GET
H3 200 sdk.js Show response
blog.paleohacks.com/wp-content/cache/min/1/en_US/ 2 KB
1 KB 89ms
85ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/en_US/sdk.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0943b32c80a724a40de925f3fa31c502829263cf2ebd090d3606cdbd0b32ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 153412
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f1f9bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:15:59 GMT

GET
H3 200 sspop.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ 3 KB
1 KB 89ms
85ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/sspop.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2681704b7a1a7233c8030f22511b5598fa4b03ba2c3a19e8689b4c4ec75a080e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 153412
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f219bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:15:59 GMT

GET
H3 200 ea-share-count-support.js Show response
blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ 3 KB
1 KB 89ms
85ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/plugins/social_share_popup/assets/js/ea-share-count-support.js?ver=1681483470
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e2bf21ab87ae83d5a2cb0f9ae0373e8eeb2ed0b7fb86ef8b4165a4bd381cf93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:44:30 GMT
server: cloudflare
age: 153412
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f229bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:15:59 GMT

GET
H3 200 lazyload.min.js Show response
blog.paleohacks.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 89ms
85ms Script
application/javascript 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 13:07:28 GMT
server: cloudflare
age: 112234
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 7e7b12467f249bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 07:42:16 GMT

GET
H2 200 universal-script Show response
178194.tracking.hyros.com/v1/lst/ 0
0 372ms
113ms Script
text/javascript 54.84.34.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://178194.tracking.hyros.com/v1/lst/universal-script?ph=be1460aad6057c7a1655c8e1f69701db974993aa8c5a8087d36bd921dbbd93db&tag=!tracking
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.34.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-34-30.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 92ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 16 Jul 2023 14:52:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: WTeR5psyAXo08LAsM0gIXFav+i0+fnCipNqMZi5U7ZHYNLgAeLVoILpwmwFP0MhOQXZuEqJwvMZw9ZcuD8mbSw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
27 KB 146ms
93ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3778db145d554b020756d03a8192589071f572fdcb8519ecd5e6121c4abb7807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27631
x-xss-protection: 0
server: cafe
etag: 871 / 19554 / 31076056 / config-hash: 3977741291496309648
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 14:52:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
82 KB 86ms
34ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3af50e45830b03f9df25e4a5eb082b420f750b5ad4711f802ec44a0bfd21ddd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83614
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 Jul 2023 14:52:51 GMT

GET
H3 200 symbol-defs.svg
blog.paleohacks.com/wp-content/plugins/simple-social-icons/ 19 KB
8 KB 89ms
86ms Other
image/svg+xml 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.paleohacks.com/wp-content/plugins/simple-social-icons/symbol-defs.svg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 May 2020 13:04:10 GMT
server: cloudflare
age: 2314663
etag: W/"5ebd41ca-4b81"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
cf-ray: 7e7b12467f259bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 19 Jul 2023 19:55:08 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00b2af963104a4dd04e77c1013957d37b0b43c86ba566301e77ab9a3e015280a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ed2cc414480e507b884d3c2faefa876fef943440c9d260933eebaf781ac4d87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73b749b1f5bc98174ea385921e3f5b1ad518875088115f30c90807560cc202f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a108be93e8ddf9fce244196e866adde603fb715eafb8632fc36e733dba6edbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd9b87d55605377b0545c4a642642fb1894f7f0b8b126ebab66ea914f9cca5b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e39939fe91bd41a65718a11a214fa9deac666a27742ed1d93847adb8708d571

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d6b310f89eaefa96644416c97e17cdee8c59db98a544c6aebe3f287efc900ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02f64ee610b067e74b7a42948c410fbc0e438d53f6d8f4e16afc3594d73745

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77abf03c0a5a320d7084b12a197eae47c79668686f86ee495d47656a6a063e82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae51a9c8736b2eb82927ccdbdf3dc9db08c7a6b9db0fc2ffb4f4ce00d8af5760

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS /
api.ipify.org/ Frame 0
0

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eec370d7b4f63ff91eb68db608b448a1cd41412b4b1d4d207d2a0230e6000e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c2518efba0a997390ac9494a1d92d74a4bb615aec8296f85eb9f2cc0aa940c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87287076f288a27750d0c3737c4624bd59357c5b638cdf3f27f1763d85cd4a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET /
api.ipify.org/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 138667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 00:21:44 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v35/ 49 KB
49 KB 90ms
49ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CSatisfy&ver=1.2.0&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 12:23:10 GMT
x-content-type-options: nosniff
age: 95381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50440
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:13:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 12:23:10 GMT

GET
H2 200 unified-tag.js Show response
cdn.attn.tv/tag/4-latest/ 120 KB
41 KB 120ms
35ms Script
application/javascript 2600:9000:211a:9600:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/paleohacks/dtag.js?ver=1681483468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0501644c966efc9655ef4b023f535f79aa241f23553c6f92f100f68dcc46b04a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: N_slChsDOx5ivg_e0Kq_1tOLsE9GKG_k
content-encoding: gzip
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
date: Sun, 16 Jul 2023 14:49:44 GMT
x-amz-cf-pop: VIE50-C2
age: 189
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Jul 2023 17:15:04 GMT
server: AmazonS3
etag: W/"5ee612ab5a0233f4a1f13e859f8eb3f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
x-amz-cf-id: p8weu50_7oszKLkb0FRD997UgxpSVIDuhHAm4lL_TNF_zmByDus8JA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/ 399 KB
124 KB 97ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d1a754922199186d43c7e76757eddaeb26e350387294e0f69ac574bc54914f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 17:49:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75807
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126556
x-xss-protection: 0
server: cafe
etag: 15138777047932052885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 14 Jul 2024 17:49:24 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 76 B
604 B 271ms
219ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blog.paleohacks.com

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/tag/js/gpt.js?ver=1681483469

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fcc89ee1dcff30a72b389ba5afdc255829e83db910b0b1f3351af881f83c5ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
x-xss-protection: 0
expires: Sun, 16 Jul 2023 14:52:51 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 148ms
33ms Script
application/javascript 2a02:26f0:3500:889::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.34079850560229463
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/js/pinit.js?ver=1681483470
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:889::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=169
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 18679

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 307 KB
87 KB 21ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c962fc63a14114fac723739ec1c75b88

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/en_US/sdk.js?ver=1681483470

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2691ff5c69e5cd519b9d3791a0b06f1a4fe885282918b40c07fd346ad99340d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.paleohacks.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Jul 2023 14:52:51 GMT
content-md5: quxLeffnUgHireBztjy1lg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88742
x-fb-debug: EKN2o1IC7cIONQJqZh/hu+42of9lGLUmE1i3xhhR2jbfR9qGjG3Gf+vN2Fui96p5bIxuE9xzPNq5egac/diTOg==
x-fb-content-md5: 2739ccf8f8bbc66d10ea0110bd2f5bd0
cross-origin-opener-policy: same-origin-allow-popups
etag: "e5a2c7c92758e61232e0a8dc378f1b9b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 05 Jul 2024 00:52:55 GMT

POST
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 16 KB
3 KB 1326ms
1325ms XHR
application/json 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

138ad24c1e4353936a58692dd720c67bc6e1b43f04e07f6b831413e8e6c16212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.paleohacks.com/banana-flour/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 16 Jul 2023 14:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.3.23
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/json; charset: utf-8
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 7e7b1247686a9bf2-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 2 KB
899 B 768ms
768ms XHR
text/html 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php?action=display_popular_articles&_=1689519171574

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

d51635c7b6e1da07507b989af89fda2b4781981b30c52100149fa5566b59275b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/banana-flour/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.23
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 7e7b124768729bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 1143227772537202 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1143227772537202?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

71eacb00b1b1bf9b89ed907376dbc072a9b31f88cf9b3a0dc3c16b40d42b1a35

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 16 Jul 2023 14:52:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110026
x-xss-protection: 0
pragma: public
x-fb-debug: TwGByCyTT06ktZ+N24CnLCwOtJQ9s+DaFSeMqVbzji2kjpdTbdidocUtafE1C01rPIFOgvoSm8eQVV5R2jROzw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 logo.png
blog.paleohacks.com/wp-content/uploads/2015/10/ 2 KB
2 KB 30ms
29ms Image
image/webp 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/10/logo.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
cf-cache-status: HIT
age: 2052096
cf-polished: origFmt=png, origSize=1719
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1536
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:35:00 GMT
server: cloudflare
etag: "5dc6eab4-6b7"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7e7b1247e90b9bf2-FRA
expires: Sat, 22 Jul 2023 20:51:15 GMT

GET
H3 200 cookbook-opt-in1.jpg
blog.paleohacks.com/wp-content/uploads/2015/08/ 15 KB
15 KB 30ms
29ms Image
image/webp 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2015/08/cookbook-opt-in1.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
cf-cache-status: HIT
age: 196961
cf-polished: qual=85, origFmt=jpeg, origSize=19662
content-disposition: inline; filename="cookbook-opt-in1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15536
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 16:20:14 GMT
server: cloudflare
etag: "5dc6e73e-4cce"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7e7b1247e90e9bf2-FRA
expires: Sun, 13 Aug 2023 08:10:09 GMT

GET
H3 200 beginners-book-143x150.png
blog.paleohacks.com/wp-content/uploads/2018/06/ 8 KB
9 KB 31ms
30ms Image
image/webp 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2018/06/beginners-book-143x150.png
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
cf-cache-status: HIT
age: 196961
cf-polished: origFmt=png, origSize=9206
content-disposition: inline; filename="beginners-book-143x150.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8628
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 10 Nov 2019 01:55:00 GMT
server: cloudflare
etag: "5dc76df4-23f6"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7e7b1247e90f9bf2-FRA
expires: Sun, 13 Aug 2023 08:10:10 GMT

GET
H3 200 Banana-Flour-A-Resistant-Starch-and-Gluten-Free-Alternative.jpg
blog.paleohacks.com/wp-content/uploads/2017/02/ 95 KB
96 KB 735ms
735ms Image
image/jpeg 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2017/02/Banana-Flour-A-Resistant-Starch-and-Gluten-Free-Alternative.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc7c89d48f0c4cb341429f9906c10b70c459f6cfe1a8cb965f6607bd0d3805c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sun, 16 Jul 2023 14:52:52 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Jul 2018 07:13:59 GMT
server: cloudflare
etag: "5b518bb7-17db4"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7e7b1247e9109bf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 97716
expires: Tue, 15 Aug 2023 14:52:52 GMT

GET
H3 200 instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/12/ 10 KB
10 KB 48ms
47ms Image
image/webp 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/12/instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0128e563cfdd4beabe1edf1488c57094072f85cec6219dd04a3fb2be5d37cf84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
cf-cache-status: HIT
age: 255601
cf-polished: qual=85, origFmt=jpeg, origSize=13651
content-disposition: inline; filename="instant-pot-vs-slow-cooker-the-difference-and-which-is-better-3-350x263.webp"
alt-svc: h3=":443"; ma=86400
content-length: 10232
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Dec 2020 03:23:53 GMT
server: cloudflare
etag: "5fd2e649-3553"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7e7b1247e9119bf2-FRA
expires: Sat, 12 Aug 2023 15:52:50 GMT

GET
H3 200 Breadfruit-Flour-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/10/ 14 KB
14 KB 48ms
47ms Image
image/jpeg 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/10/Breadfruit-Flour-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869d3767805b1c7b11b2df755e7cb769ee1b450553d87c374e19cb535a6afd2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
cf-cache-status: HIT
age: 2345361
cf-polished: degrade=85, origSize=19193, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 13929
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 20 Oct 2020 21:03:53 GMT
server: cloudflare
etag: "5f8f50b9-4af9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7e7b1247e9129bf2-FRA
expires: Wed, 19 Jul 2023 11:23:30 GMT

GET
H3 200 The-14-Day-Keto-Meal-Plan800-350x263.jpg
blog.paleohacks.com/wp-content/uploads/2020/09/ 30 KB
31 KB 31ms
30ms Image
image/webp 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2020/09/The-14-Day-Keto-Meal-Plan800-350x263.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e0e5db2674fb727b63871f299ea9f146ce45e3e3ed0c583f4ffdfb6fafb7ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
cf-cache-status: HIT
age: 1919220
cf-polished: qual=85, origFmt=jpeg, origSize=36409
content-disposition: inline; filename="The-14-Day-Keto-Meal-Plan800-350x263.webp"
alt-svc: h3=":443"; ma=86400
content-length: 30954
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Thu, 17 Sep 2020 22:14:02 GMT
server: cloudflare
etag: "5f63dfaa-8e39"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7e7b1247e9139bf2-FRA
expires: Mon, 24 Jul 2023 09:45:51 GMT

GET
H3 200 The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.jpg
blog.paleohacks.com/wp-content/uploads/2019/03/ 73 KB
73 KB 49ms
48ms Image
image/webp 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2019/03/The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 755313ac3cb953d818fd8f3344a3ebf9fd2101223dffa2278b5499e927f9a574

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
cf-cache-status: HIT
age: 196960
cf-polished: qual=85, origFmt=jpeg, origSize=109440
content-disposition: inline; filename="The-12-Best-Low-Carb-Vegetables-and-Their-Benefits744.webp"
alt-svc: h3=":443"; ma=86400
content-length: 74830
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 Nov 2019 20:19:53 GMT
server: cloudflare
etag: "5dc9c269-1ab80"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7e7b1247e9159bf2-FRA
expires: Sun, 13 Aug 2023 08:10:11 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/ 3 KB
2 KB 108ms
59ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/955239029/?random=1689519171824&cv=11&fst=1689519171824&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&hn=www.googleadservices.com&frm=0&tiba=Banana%20Flour%3A%20A%20Resistant%20Starch%20and%20Gluten-Free%20Alternative&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bad17ddbff16df3f3c548506f07972f662831f2847beb1f31115d19178bbcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1340
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 64ms
18ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Jul 2023 13:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6494
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 16 Jul 2023 15:04:37 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:889::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:889::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 101365ad0e2eb2eb542c6137bbd44dc947123d1791d9cbcf29e062ffe6001ef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "b40a83df6a03e235c87b1039ceb02375"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1457

GET
H2 200 jquery-3.5.1.min.js Show response
track.mypaleorecipe.com/js/ 87 KB
32 KB 590ms
511ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Nov 2021 03:31:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15d86-5d052be3dfc43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iBBweJ59W0mP5djUV6ylydmxTj3RKNt%2BJFny%2F0zlX2CkDb535pKyWhP7nlhZWyLimJoMVB3cyowCuyNr%2FG0mBCFqLuyy1Z589xmkKlNMZ5FdDMsXY0dQikicZhim%2B49zWICgtVzlniUn0LgEQ3JyIdXAA2ZUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e7b12488cd39a30-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 52 KB
18 KB 68ms
20ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:32:48 GMT
content-encoding: gzip
age: 4803
x-guploader-uploadid: ADPycdvuqGwm-SuQdGyYjKYEfiIZaqVYfqFgvlYcdKyWuIvVC9_07nSJoiXTWhaev9m4xp8G1C1DaZI7mUjLbDMhX5sB1Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17969
last-modified: Fri, 05 May 2023 17:33:19 GMT
server: UploadServer
etag: "6eb612a000fc103e2769e576a68fc412"
vary: Accept-Encoding
x-goog-generation: 1683307999305716
x-goog-hash: crc32c=6XUl6A==, md5=brYSoAD8ED4naeV2po/EEg==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=86400
x-goog-stored-content-length: 17969
accept-ranges: bytes
expires: Mon, 17 Jul 2023 13:32:48 GMT

GET
H2 200 dtag.js Show response
cdn.attn.tv/paleohacks/ 3 KB
2 KB 1360ms
1360ms Script
text/javascript 2600:9000:211a:9600:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/paleohacks/dtag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Y4H_bTaFBWRi9GimSEzzR9Px4JwIrNub
content-encoding: gzip
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
date: Sun, 16 Jul 2023 14:52:54 GMT
last-modified: Wed, 08 Feb 2023 20:56:10 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
etag: W/"d943f1634cc781ba4142fc11b4ba2cd4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=120
x-amz-replication-status: COMPLETED
x-amz-cf-id: MOaS-2ql3aGmzcmYUQrwG9pjt5VOr_hu7e9UOJ8D2BXYBcYgb9zAgw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
79 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0a04db7e330c2885c8856fe413ecf639cf4b96b597c25716557306da964c00c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81114
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Jul 2023 14:52:51 GMT

GET
H2 200 smtr Show response
contextual.media.net/ 78 KB
29 KB 329ms
329ms Script
text/javascript 23.52.120.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?&KQ=-qdWn-JhkZ7iBYqP6J%243P&kkdd=Ah%7C3%7C*9HnA&*q=l)U(3l(lIllxU)f(3Uf&AW8C=l&k68Y=V&B6Ki=9l()&KqW=Uw_FxFxVU&K8KW=TrdrKsMdGR*r*I8-ra5OaM%3D%3D&KCqW=Ip))3Ip3U&6qei=xVV1p3V&KK=7o&6K=Lo&bBB86=l&CiDyCP=bBB86%3A%2F%2FQPnAJ8YPinbYKO6JKnk%2FQYdYdYg0PnyC%2F&d6i=3&P-=l&yAW=f&OBBPi=uYdYdY%20cPnyC%3A%20v%20ai6q6BYdB%204BYCKb%20YdW%20FPyBidgcCii%20vPBiCdYBq*i&kK0=pI)p3&8AqW=8V3(pllff3UBpVpxVIl)lf3p&dQ=l

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUG3G308

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-120-27.deploy.static.akamaitechnologies.com

Software

Resource Hash

94e38c493dba66c3e909c9d7dbe7046710d29cf933ebe70fb0b0d986018c66d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 22-me6t
content-length: 29473
expires: Sun, 16 Jul 2023 14:52:52 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 32BA 15 KB
6 KB 43ms
42ms Document
text/html 23.52.120.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CUG3G308&https=1&itype=CM

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-120-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c833f74357d565730d9c30fff3e8fd9a8c3fb0d6ed6a39e0312f42c291977ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=135781
content-encoding: gzip
content-length: 5916
content-type: text/html; charset=UTF-8
date: Sun, 16 Jul 2023 14:52:51 GMT
expires: Tue, 18 Jul 2023 04:35:52 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK bping.php
lg3.media.net/ 35 B
338 B 120ms
37ms Image
image/gif 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=553&&vgd_cdv=1012&vgd_cage=4&vgd_tsce=L196&vgd_mcf=27625&gdpr=1&mspa=0&prid=8PRHGG6T9&cid=8CUG3G308&crid=726657258&vi=1689519171138649584&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785163&r=1689519171855&requrl=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=31103&vgd_rakh=1689519171137373100&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p0592114458t202307161452&vgd_pgids=1&vgd_uspa=0&hvsid=00001689519171851036481827843774&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Sun, 16 Jul 2023 14:52:51 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 16 Jul 2023 14:52:51 GMT

GET
H2 200 / Show response
paleohacks.attn.tv/d/ 5 B
257 B 203ms
134ms Fetch
application/json 172.64.150.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.attn.tv/d/?attn_vid=45aa8b4c2ad54dfe8c2d934b57481140
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
cf-ray: 7e7b1248dac04504-TXL
alt-svc: h3=":443"; ma=86400

POST
H2 200 e
events.attentivemobile.com/ 0
160 B 238ms
165ms Ping
text/plain 104.18.43.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.23.31_51b771c9ca&pd=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&u=45aa8b4c2ad54dfe8c2d934b57481140&c=paleohacks&ceid=UsU&lt=1689519171900&tag=modern&cs=3293035839&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1689519171903
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain;charset=UTF-8
x-envoy-upstream-service-time: 4
cf-ray: 7e7b1248ed674534-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 85ms
18ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=510626776365517&ev=fb_page_view&dl=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&rl=&if=false&ts=1689519171905&sw=1600&sh=1200&at=

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 16 Jul 2023 14:52:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 60ms
19ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1143227772537202&ev=PageView&dl=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&rl=&if=false&ts=1689519171931&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1689519171930.954213528&cs_est=true&it=1689519171773&coo=false&rqm=GET

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 16 Jul 2023 14:52:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 paleohacks.attn.tv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ 0
383 B 457ms
457ms Script
text/javascript 2600:9000:211a:9600:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/paleohacks.attn.tv.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
date: Sat, 15 Jul 2023 18:12:36 GMT
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 80981
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: H1eKKdsfQ2XK1rbOexzN0fqQTepxY0le1JXJTt_UOemHcnCmGrH5Iw==

GET
H2 200 main.3b72c6cf.js Show response
s.pinimg.com/ct/lib/ 62 KB
18 KB 32ms
32ms Script
application/javascript 2a02:26f0:3500:889::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.3b72c6cf.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:889::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 853bca381644d813e309ed7d034c5da6737aec2741dc28f52e5344cd5baf012d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "35f24de4bd7e8791535207ae982af550"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18006

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Jul 2023 15:03:53 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 25ms
25ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=388044752&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&ul=en-us&de=UTF-8&dt=Banana%20Flour%3A%20A%20Resistant%20Starch%20and%20Gluten-Free%20Alternative&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAjAAAAACAAI~&jid=1359076694&gjid=979554808&cid=330719655.1689519172&tid=UA-42752472-1&_gid=1668827116.1689519172&_r=1&_slc=1&gtm=45He37c0n81TJTDCJG&cd1=health&cd2=February%2015%2C%202017&cd3=Corey%20Pemberton&cd5=banana-flour-recipes&z=2030449372

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/955239029/ 42 B
455 B 93ms
33ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/955239029/?random=1689519171824&cv=11&fst=1689516000000&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&frm=0&tiba=Banana%20Flour%3A%20A%20Resistant%20Starch%20and%20Gluten-Free%20Alternative&fmt=3&is_vtc=1&random=1555492072&rmt_tld=0&ipr=y

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/955239029/ 42 B
455 B 87ms
33ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/955239029/?random=1689519171824&cv=11&fst=1689516000000&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&frm=0&tiba=Banana%20Flour%3A%20A%20Resistant%20Starch%20and%20Gluten-Free%20Alternative&fmt=3&is_vtc=1&random=1555492072&rmt_tld=1&ipr=y

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 74ms
28ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 92 KB
27 KB 1330ms
1330ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=463784122347594&correlator=2741527951635094&eid=31072019%2C31072879%2C31073678%2C31073824%2C31068366&output=ldjh&gdfp_req=1&vrg=202304050101&ptt=17&impl=fifs&iu_parts=55892584%2CPH300x2502%2CPHBlog300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C300x250&ifi=1&adks=79842087%2C1706127594&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1689519171996&lmt=1689509772&dlt=1689519171493&idt=418&adxs=-9%2C690&adys=-9%2C1265&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&frm=20&vis=1&psz=0x-1%7C300x250&msz=0x-1%7C300x-1&fws=2%2C4&ohw=0%2C1600&ga_vid=330719655.1689519172&ga_sid=1689519172&ga_hid=388044752&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fe3e117448916f85d44b5f9c9ea1a94db345ffcd5d562243937c8dfcc9d168b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27315
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3B34 6 KB
3 KB 125ms
27ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 14:52:52 GMT
expires: Mon, 15 Jul 2024 14:52:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 77ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QMKQQWEFHC&gtm=45je37c0&_p=388044752&_gaz=1&cid=330719655.1689519172&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689519172&sct=1&seg=0&dl=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&dt=Banana%20Flour%3A%20A%20Resistant%20Starch%20and%20Gluten-Free%20Alternative&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 85ms
27ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QMKQQWEFHC&cid=330719655.1689519172&gtm=45je37c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMKQQWEFHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 47ms
43ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QMKQQWEFHC&cid=330719655.1689519172&gtm=45je37c0&aip=1&z=92346402

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 83ms
26ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42752472-1&cid=330719655.1689519172&jid=1359076694&gjid=979554808&_gid=1668827116.1689519172&_u=YEBAAEAiAAAAACAAI~&z=1503998565

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 16 Jul 2023 14:52:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 29ms
28ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=388044752&t=pageview&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&ul=en-us&de=UTF-8&dt=Banana%20Flour%3A%20A%20Resistant%20Starch%20and%20Gluten-Free%20Alternative&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAACAAI~&jid=378628198&gjid=2047521376&cid=330719655.1689519172&tid=UA-81910700-1&_gid=1668827116.1689519172&_slc=1&gtm=45He37c0n81TJTDCJG&z=201957461

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 79ms
27ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-81910700-1&cid=330719655.1689519172&jid=378628198&gjid=2047521376&_gid=1668827116.1689519172&_u=aGDAiEAjBAAAAGAAI~&z=1048653732

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 16 Jul 2023 14:52:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.paleohacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=388044752&t=event&ni=Yes&_s=1&dl=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&ul=en-us&de=UTF-8&dt=Banana%20Flour%3A%20A%20Resistant%20Starch%20and%20Gluten-Free%20Alternative&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=leadbox&ea=show&el=Banana%20Flour%3A%20A%20Resistant%20Starch%20and%20Gluten-Free%20Alternative&_u=aGDACEAjBAAAAGAAI~&jid=&gjid=&cid=330719655.1689519172&tid=UA-42752472-1&_gid=1668827116.1689519172&gtm=45He37c0n81TJTDCJG&z=208337731

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 13:51:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3688
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 568 B
613 B 151ms
69ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2615989242318&cb=1689519172041&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.3b72c6cf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pin-unauth: dWlkPU1tTTBPV1F3TnpVdFpEVmhaUzAwTmpreExXSmpOamN0TXpBNVpqaGlaalF4TkRJNA
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Sun, 16 Jul 2023 14:52:52 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1102940078738548
content-length: 385
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
247 B 145ms
67ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2615989242318&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%223b72c6cf%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1689519172044
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:52 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 5572608518199738
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 55ms
53ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42752472-1&cid=330719655.1689519172&jid=1359076694&_u=YEBAAEAiAAAAACAAI~&z=1751751959

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 47ms
46ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42752472-1&cid=330719655.1689519172&jid=1359076694&_u=YEBAAEAiAAAAACAAI~&z=1751751959

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 54ms
54ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-81910700-1&cid=330719655.1689519172&jid=378628198&_u=aGDAiEAjBAAAAGAAI~&z=1793370460

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 47ms
46ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-81910700-1&cid=330719655.1689519172&jid=378628198&_u=aGDAiEAjBAAAAGAAI~&z=1793370460

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9605 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9605 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bql.php Show response
lg3.media.net/ Frame 9605 15 B
324 B 32ms
32ms Script
text/javascript 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=3875&&vgd_canary=0&vgd_l2type=scs_newfl&fp=apuRvDLAtBkB00__Cmkal3KFrsnGCYd4VsEPJ59Tez9hVFartwcuf4-kmcfgHhwXEdD48E1fGtR3EwTAbTeZwetxvaFVtNDLSiA09lwDDWEMcm7HwoOX4s0l0cgKTxHOgV3u6Zp6P954pnUCpDq0ag%3D%3D&cme=T_Tc9Ps4rWm58qNpWWof5mgHuvg5yX_Mmdzg5-6gUjZq7D8g2n_vXZnRR7W-kD3A8QGGMoBp3O-nJEsBSjtUk2wTWel_qeoJb1Pt5c9VLpG93uASoKozJxXbEPa5qRRLFPelSy7xkF-1WzPjOwM1GhOCk2hav7ncXRuUPvqCkHX_scbr9WZkovuLiVc6fGla-CI8OhPmSIQt64jK_OvzTKXp5X--Zfk9sR7fw1yI0efJYJLAoB-YaVYikV5c4aqYG3ugsHRPUdgEW-rRyXeJv1Q2OWqELHTXXbbi5ArnuXfCQMgU_so2P4SpsaKZFScxWgQigxSISAo%3D%7C%7CKOA2tkfoPlCxJ92iUGwOAAroQq3UtoJQcsMriyKDNPADZ_CdZbJXtldxv5IrDxp5ua3zVigfz_A%3D%7Ca0AmFUYXmD6xgDV1rtT8tb0A3Zhve8y8UQfVZlG-sa1KyyeOp62zvOf9uEXI8DcYMPXssz26AcA%3D%7CPc3i4ZF_p9ydC9MisdoOEWsPExO_uFs4mC-IC32MB_ieI-n_xdQCEHx7Zte8NYoAXetkM5Asm6mEEZvJUVuqpU7fyNIonLFSrRFvbJDWhgNRvXfIVissJu5Z9rST_CeC6PL07SKoNODkEgIYFLp70Qyo_E5224VY5v_u7JNtCky9tHr9IzQd6l3XrCAGSQ2kFnW2LPMynAc_X4KKKFplF1UujUMgL3FSCJysYKpS23BzVGoFx323y7-PTv7clrYO4Vx0dmuQbqo8goHbxH0F352VrmFmu9xF%7C&ksu=224&fdkt=307&vgde_kbbh=ffoyxQJuO&kwd[]=Banana+Pancake+Recipe+Ingredients&kwt[]=307&kbc[]=20619&kwp[]=1&kid[]=351018339&kbc2[]=0%7Cactr%3D0.871%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cbkt%3D307%7Cps%3D1.208&ktd[]=3573429698816&kwd[]=Recipe+for+Banana+Bread&kwt[]=307&kbc[]=20619&kwp[]=2&kid[]=23980189&kbc2[]=0%7Cactr%3D0.593%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cbkt%3D307%7Cps%3D1.208&ktd[]=3573429698816&kwd[]=Banana+Bread+Ingredients&kwt[]=307&kbc[]=20619&kwp[]=3&kid[]=324662607&kbc2[]=0%7Cactr%3D0.354%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cbkt%3D307%7Cps%3D1.208&ktd[]=3573429698816&kwd[]=Best+Banana+Pudding&kwt[]=307&kbc[]=63982&kwp[]=4&kid[]=205758872&kbc2[]=0%7Cactr%3D0.331%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cbkt%3D307%7Cps%3D1.208&ktd[]=3573429698816&kwd[]=Cake+Flour+Substitute&kwt[]=307&kbc[]=45298&kwp[]=5&kid[]=4792374&kbc2[]=0%7Cactr%3D0.108%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cbkt%3D307%7Cps%3D1.208&ktd[]=3573429764352&v=1&gdpr=1&geo=50.06%7C8.19&dlper=25&lper=100&lpid=&tsid=1&hint=&cc=DE&wsip=170774818&bca=0&ugd=4&vgde_setid=Nff&cid=8CUG3G308&vi=1689519171138649584&vsid=DefVid&tdAdd[]=asnum%3D31103&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=1000&vgd_implt=3&vgd_cage=6&vgd_tsce=L196-S196&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_kalog=SID%3D8%7C%7CUUID%3D2IakVlBy9IiH1c5ivd%7C%7CCI%3D3264%7C%7CSI%3D3264%7C%7CMPTD%3D128%7C%7CTPTD%3D150457034889890895364%7C%7CHID%3D0%7C%7CMI%3D3264%7C%7CTLID%3D6&vgd_katid=807056988&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10007%7C%7Cpt%3D1%7C%7Clmid%3DvDef%7C%7Cctr%3D0.002%7C%7Crpc%3D0.058%7C%7Cttd%3D8&vgd_pdtid=1&vgd_nrrv=83814&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=wiesbaden&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&pid=8PO52G640&sttm=1689519171851&upk=1689519172.1051&hvsid=00001689519171851036481827843774&verid=3121199&vgd_l1rakh=1689519171137373100&vgd_isiolc=1&abpl=2&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D31103&vgd_mcf=27625&vgd_vstrid=DefVid&vgd_icat=663&vgd_spcat=501373&vgd_cfud=220414&vgd_scsver=145&vgd_optout=0&vgd_l2shld=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fdmedianet.js&vgd_lbt=100&vgd_btm=%7B%22URLDC%22%3A%221%22%7D&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A302%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001689519171851036481827843774&rc=0&rand=1689519172208&matm=1689519172208&requrl=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&vgd_x_pos=1062&vgd_y_pos=377&vgd_ren_page_h=13640&vgd_ltimesrc=2&vgd_ltime=373&vgd_rtime=368&vgd_etm=5&vgd_l1hcsd=Ogzkn%7C4650&vgd_l1ch=1&vgd_lhl=1153&vgd_pgid=p0592114458t202307161452&vgd_sbSup=0&vgd_nrrs=83814&vgd_cdv=1015&vgd_cntrdt=AS%7CDIV-726657258%7CDIV-paleo-477379184&vgd_eadm=1&vgd_sgmt=1%3A60766%7C60524&vgd_end=1

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Sun, 16 Jul 2023 14:52:52 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 15
Expires: Sun, 16 Jul 2023 14:52:52 GMT

POST
H2 204 unrenderedCreative
paleohacks.attn.tv/ 0
0 150ms
150ms Fetch 172.64.150.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paleohacks.attn.tv/unrenderedCreative?v=4.23.31&r=&id=45aa8b4c2ad54dfe8c2d934b57481140&pv=1&l=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&w=1600&h=1200&ss_ref=ORGANIC&m=marketing&m=live-sms&m=backInStock&f=2
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1f8ef468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 16 Jul 2023 14:52:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 20
cf-ray: 7e7b124b8f4a4504-TXL
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.cookie.js Show response
track.mypaleorecipe.com/js/ 2 KB
1 KB 585ms
584ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/jquery.cookie.js?v=1.0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 09 Nov 2021 03:31:23 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3254
etag: W/"cb6-5d052be67bb4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyoQNxcP96aFwTAY3fhoYUQUeXhUgLB5GitFWWJ17qJvdIR5JJAqGxMkD7Km8eRGs3rwlqhx6X3Jdz8AkMeqp7s9smnNSEC1W2KKE5dT7%2FSDWVhuVzSWUTiEwBg7pEyHLv5hIUx07PJquXyQTOCF4frxJz2vTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e7b124be8319a30-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
blog.paleohacks.com/banana-flour/ 25 KB
25 KB 352ms
351ms Image
text/html 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/banana-flour/
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.23
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 16 Jul 2023 12:16:12 GMT
server: cloudflare
x-powered-by: PHP/7.3.23
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: max-age=0
cf-ray: 7e7b124c4fb09bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 16 Jul 2023 14:52:52 GMT

GET
H3 200 bottles-with-red-yellow-green-and-blue-liquids-e1464759531540.jpg
blog.paleohacks.com/wp-content/uploads/2016/05/ 15 KB
15 KB 31ms
30ms Image
image/webp 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.paleohacks.com/wp-content/uploads/2016/05/bottles-with-red-yellow-green-and-blue-liquids-e1464759531540.jpg
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aaa8ae246e2f8fa0ceb5bc3a610b33ce3d5bcfefb7b34e774647d6a585b2743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/banana-flour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:52 GMT
cf-cache-status: HIT
age: 1848793
cf-polished: qual=85, origFmt=jpeg, origSize=22364
content-disposition: inline; filename="bottles-with-red-yellow-green-and-blue-liquids-e1464759531540.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15352
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 09 Nov 2019 17:46:36 GMT
server: cloudflare
etag: "5dc6fb7c-575c"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7e7b124c4fb19bf2-FRA
expires: Tue, 25 Jul 2023 05:19:39 GMT

GET
H3 200 admin-ajax.php Show response
blog.paleohacks.com/wp-admin/ 4 B
303 B 1083ms
1083ms XHR
text/html 2606:4700:10::6816:2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.paleohacks.com/wp-admin/admin-ajax.php?action=show_optin_async&post_id=78975&_=1689519172456

Requested by

Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.23

Resource Hash

dba5166ad9db9ba648c1032ebbd34dcd0d085b50023b839ef5c68ca1db93a563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/banana-flour/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.23
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 7e7b124db9e79bf2-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 /
log.pinterest.com/ 0
235 B 74ms
73ms Image
text/plain 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=iZhA4tvpVv_C&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&viaSrc=canonical
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 16 Jul 2023 14:52:53 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 5
x-pinterest-rid: 6187895488392272
content-length: 0
x-served-by: cache-cph2320026-CPH
pragma: no-cache
server: envoy
x-timer: S1689519173.969155,VS0,VE36
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/wp-content/cache/min/1/wp-content/uploads/415/904/33/881/775/653.js?ver=1681483468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0abaeb0eeeaf1c726e8c09d7af34ddfb53bf5810be0ee01a5652e0141bef84a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27664
x-xss-protection: 0
server: cafe
etag: 250 / 19554 / m202307100101 / config-hash: 3977741291496309648
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 14:52:53 GMT

GET
H3 200 main.js Show response
track.mypaleorecipe.com/js/ 3 KB
1 KB 29ms
29ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/js/main.js?v=1.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJTDCJG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1713
cf-polished: origSize=4494
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 09 Nov 2021 03:31:21 GMT
server: cloudflare
etag: W/"118e-5d052be46686b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znASDm5Cjj3uerXnnM1bYlvF7sw2oMqgTlixXP1xyQsd9LuIyMkfy6GiEl2CtXyAhK14nrLTAl7rOPcdBEUKSawGjoJXvMdChvUBNq0Gv6v2etXgrjePoALG8Whq1ezlPEPhPNskh6zbeQ2yeKWVyCN30z6ffg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e7b12508e392c77-FRA

GET
H/1.1 200
OK bqi.php
lg3.media.net/ 15 B
15 B 35ms
35ms Image
text/javascript 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=1967&lf=3&&vgd_tsce=L196&vgd_l2type=scs_newfl&pid=8PO52G640&vgd_cdv=1012&vgd_cage=4&kals=ttype=10007||pt=1||lmid=vDef||ctr=0.002||rpc=0.058||ttd=8&kata=aton&kasts=tstype=-10408||gbid=-1&kalog=SID=8||UUID=2IakVlBy9IiH1c5ivd||CI=3264||SI=3264||MPTD=128||TPTD=150457034889890895364||HID=0||MI=3264||TLID=6&katen=1&pc=25&katbid=-21&katid=807056988&cme=T_Tc9Ps4rWm58qNpWWof5mgHuvg5yX_Mmdzg5-6gUjZq7D8g2n_vXZnRR7W-kD3A8QGGMoBp3O-nJEsBSjtUk2wTWel_qeoJb1Pt5c9VLpG93uASoKozJxXbEPa5qRRLFPelSy7xkF-1WzPjOwM1GhOCk2hav7ncXRuUPvqCkHX_scbr9WZkovuLiVc6fGla-CI8OhPmSIQt64jK_OvzTKXp5X--Zfk9sR7fw1yI0efJYJLAoB-YaVYikV5c4aqYG3ugsHRPUdgEW-rRyXeJv1Q2OWqELHTXXbbi5ArnuXfCQMgU_so2P4SpsaKZFScxWgQigxSISAo=||KOA2tkfoPlCxJ92iUGwOAAroQq3UtoJQcsMriyKDNPADZ_CdZbJXtldxv5IrDxp5ua3zVigfz_A=|a0AmFUYXmD6xgDV1rtT8tb0A3Zhve8y8UQfVZlG-sa1KyyeOp62zvOf9uEXI8DcYMPXssz26AcA=|Pc3i4ZF_p9ydC9MisdoOEWsPExO_uFs4mC-IC32MB_ieI-n_xdQCEHx7Zte8NYoAXetkM5Asm6mEEZvJUVuqpU7fyNIonLFSrRFvbJDWhgNRvXfIVissJu5Z9rST_CeC6PL07SKoNODkEgIYFLp70Qyo_E5224VY5v_u7JNtCky9tHr9IzQd6l3XrCAGSQ2kFnW2LPMynAc_X4KKKFplF1UujUMgL3FSCJysYKpS23BzVGoFx323y7-PTv7clrYO4Vx0dmuQbqo8goHbxH0F352VrmFmu9xF|&fp=apuRvDLAtBkB00__Cmkal3KFrsnGCYd4VsEPJ59Tez9hVFartwcuf4-kmcfgHhwXEdD48E1fGtR3EwTAbTeZwetxvaFVtNDLSiA09lwDDWEMcm7HwoOX4s0l0cgKTxHOgV3u6Zp6P954pnUCpDq0ag==&vgd_x_pos=1062&vgd_y_pos=377&vgd_rensize=302_250&vgd_ren_page_h=14152&vgd_lbt=100&vgd_btm={%22URLDC%22:%221%22}&gdpr=1&mspa=0&prid=8PRHGG6T9&cid=8CUG3G308&crid=726657258&requrl=https://blog.paleohacks.com/banana-flour/&vi=1689519171138649584&ugd=4&cc=DE&sc=HE&startTime=1689519171846&l1ch=1&l1hcsd=l1!Ogzkn|4650&sttm=1689519171851&upk=1689519172.1051&hvsid=00001689519171851036481827843774&verid=3121199&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1689519171137373100&vgd_sc=HE&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p0592114458t202307161452&vgd_pgids=1

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-88-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Sun, 16 Jul 2023 14:52:53 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 15
Expires: Sun, 16 Jul 2023 14:52:53 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 29ms
29ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blog.paleohacks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 293 KB
75 KB 1336ms
1335ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=463784122347594&correlator=2741527951635094&eid=31072019%2C31072879%2C31073678%2C31073824%2C31068366&output=ldjh&gdfp_req=1&vrg=202304050101&ptt=17&impl=fifs&iu_parts=55892584%2Cdesktopfooter%2Cph_widebanner%2Csitefooterbanner%2CPaleohacksSidebarBanner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C970x250%7C728x90%2C970x250%7C728x90%2C300x250%7C300x600&ifi=3&adks=2912191614%2C3129430941%2C2355259855%2C698452367&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1689519173239&lmt=1689509772&dlt=1689519171493&idt=418&adxs=0%2C315%2C315%2C1062&adys=1110%2C341%2C14118%2C2959&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C2%7C3&ucis=3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&frm=20&vis=1&psz=728x-1%7C1600x0%7C1600x0%7C302x0&msz=728x-1%7C1600x0%7C1600x0%7C302x0&fws=516%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=330719655.1689519172&ga_sid=1689519172&ga_hid=388044752&ga_fc=true&ga_cid=1668827116.1689519172

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3cd801c9b21fd2833b20ede142f1ce49b6f04f766ad3eb0a9a95073ca291d87

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL24qbG9k4ADFVXk5godeQYDcw&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL24qbG9k4ADFVXk5godeQYDcw&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
date: Sun, 16 Jul 2023 14:52:54 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77177
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 createVisitor Show response
track.mypaleorecipe.com/api/ 9 B
716 B 655ms
628ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createVisitor
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 7ecd5f89867c76ac93b8c106fe9ec7740f423decc33f8f3e6b184b894b510519

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbjIIziGmTjSyZTcTU9rUaYy%2F3tAubfMY8RkXKgdlX%2B03RppYPjVlnJaBcdyLDPgUNP%2FPfBVWwmwBU3gWjH5%2F07V6B72ZsueI1R0wRmYFPpjWTpXKYO6Eq2V5cRT6AoV%2F%2FlFf49K6zpAm0clFwG81fwr3aG40g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 7e7b125179a19b6e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 comments.php
www.facebook.com/v4.0/plugins/ Frame AB56 0
0 85ms
84ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/comments.php?app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c869b8768ae6c%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff3c6b0d4ec65c4c%26relation%3Dparent.parent&container_width=790&height=100&href=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&locale=en_US&numposts=5&sdk=joey&version=v4.0&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c962fc63a14114fac723739ec1c75b88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 16 Jul 2023 14:52:53 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: UmLoSRFAxdiqAL60GV3iMf4ybmAXJD6lbj4HdXVNIeMDlaxq7q3gbrgZpImbw/2f8NapB1F0ylRSggWMgqkBeQ==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/v4.0/plugins/ Frame 8048 0
117 B 87ms
87ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=510626776365517&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df21d73ec402cb3c%26domain%3Dblog.paleohacks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.paleohacks.com%252Ff3c6b0d4ec65c4c%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Fpaleohacks&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c962fc63a14114fac723739ec1c75b88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 16 Jul 2023 14:52:53 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: E+w+AxfA9I3D0Y7MB1AbOpMso9OusRwn9SCfiHYtyY/Ht+OegSKIYrqNiCO/kSRbmzskz/aCA4XcysLet73Jxg==
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 137ms
84ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

371031ea3ba9b3f77be315ed4f9ff0eb671ee31a81a208fdd736663d5e3e406e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11838
x-xss-protection: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 35CB 565 B
402 B 75ms
75ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.3b72c6cf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sun, 16 Jul 2023 14:52:53 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1008700880871740

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306202201000/ Frame DD87 222 KB
61 KB 103ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jul 2023 17:10:51 GMT
age: 337322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61909
x-xss-protection: 0
server: sffe
etag: "f919e19544cf979d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 Jul 2024 17:10:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame DD87 15 KB
5 KB 138ms
54ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 16 Jul 2023 08:54:25 GMT
age: 21508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "64cbd7fca0464c6f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 15 Jul 2024 08:54:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame DD87 94 KB
28 KB 139ms
55ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jul 2023 16:18:55 GMT
age: 340438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28896
x-xss-protection: 0
server: sffe
etag: "4dcd9a8c59f0d36a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 Jul 2024 16:18:55 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame DD87 5 KB
2 KB 145ms
62ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jul 2023 18:03:18 GMT
age: 420575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "b82574a955fb50a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 10 Jul 2024 18:03:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame DD87 40 KB
13 KB 146ms
63ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jul 2023 16:18:58 GMT
age: 340435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "5e14f2792a869535"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 Jul 2024 16:18:58 GMT

GET
DATA 200
OK truncated
/ Frame DD87 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d684e9743f8b875b82ced945c978e8c1d9f6fa1ac6f92791b0b4991b5ae4029

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1821917150055704736
tpc.googlesyndication.com/simgad/ Frame DD87 29 KB
29 KB 72ms
24ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1821917150055704736?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlAnA_c01EJ4R7suS25MDP056nb-w

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9e99ee9233e0d5c4b8cb2eceeee7805cc4a85ca0c5edfc3e1f673eaaf781520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 14:36:12 GMT
x-content-type-options: nosniff
age: 433001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29808
x-xss-protection: 0
last-modified: Tue, 09 May 2023 10:16:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Jul 2024 14:36:12 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DD87 2 KB
3 KB 71ms
23ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 58120
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 16 Jul 2023 22:44:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DD87 295 B
665 B 71ms
22ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 10:36:43 GMT
x-content-type-options: nosniff
server: cafe
age: 15370
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 17 Jul 2023 10:36:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DD87 0
0 30ms
29ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgwaq0OyC6J_uMOA2slzDkf76AWHeTOPvq-x_-V1GXG-XKVfhA3gZML2sE7ltsm8XOKTxjM6M3Wh98IfLYxYiQvlYZFQ
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 14:52:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5611 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 10:15:07 GMT
expires: Mon, 15 Jul 2024 10:15:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 90E9 783 B
537 B 32ms
30ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2006a4e95a892724a3a9d4d55e723d4e802b281e23229cf421a237f9c745464f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QJ1o70PN405G4EOwSxyCKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-QJ1o70PN405G4EOwSxyCKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 14:52:53 GMT
expires: Sun, 16 Jul 2023 14:52:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DD87
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

33ms
33ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H2
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Sun, 16 Jul 2023 14:52:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 90E9 0
0 95ms
55ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304050101&jk=463784122347594&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 5611 38 KB
14 KB 54ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jul 2024 14:30:57 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DD87 0
0 66ms
66ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6geERAS0ZIzeBcTSzQbd6ZXoBojSwKJxoufN0-QQi67z5fUKEAEgyP2IHmCVkpCCoAegAavR7NwByAEC4AIAqAMByAMIqgSSAk_Qa7QsEWaqhv8orTQP_NH4ek9A4mJAMUrhdqQ_OeD0F9sbxk5mE6xSN0tDVYnE3sB7-W8guD0JSXepGA_c2OtOD0jW0mo3HMSzKj5M_gBbWIEik3PfJzpAktKGPmUiIOwZMTJ4Xd1MSHrQ3FSVlRSDJVcY6DdRIJ-M9WHtxOQISfqGp6ZNmWPYvtBpzYR7Vpv7w7PLtWj98GyVsa9tmy8qR2b-yuUeFkFi6d-EksIgIjwnU7_IZXvjMaPMCLmj8ELForZi7vrr9f3iYaY2T1Ln2jTQMjrU7u1lNqkLFKkTeeRsfsDKMnsG8NZUpOUff71_RE63wnfzNxgxFWu0UgE5J5mtWvx5l_vBbFaJHOvLGrzABJCW5vmWBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAe9rpOjAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKGbGNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgHICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTE0NDM4OTY1Nzc4NTU2NRiwmBU&sigh=USu3X2oxBrY&uach_m=[]&cid=CAQSPABpAlJWhTJLNVUuRafKhUNVNvDbET-qEt4_p3Vybr-pM0do2O6Oh2gacpVbjgxj_3masrr2qJmoiZ1_FRgB&cbvp=2
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5611 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?54RG6Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK / Show response
api.ipify.org/ 23 B
223 B 531ms
176ms XHR
application/json 104.237.62.211
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.211 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: hosted-by.racknerd.com
Software: nginx/1.25.1 /
Resource Hash: f1999206051534c886e13fb23a24980bf7e3cfd83a388f4cf2c81e3e7d7c03ad

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 16 Jul 2023 14:52:54 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 23
Vary: Origin
Content-Type: application/json

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304050101&jk=463784122347594&bg=!jo2ljdnNAAb90kgr3dI7ADkAdvg8WnQJF06O5tmXcDRrTVWjrVY8L7gXBWDmTa5GpGC6mLmA2eJcqCqEGOBdC_IDMMMog-RT0l8CAAAAUFIAAAAHaAEHmQK3jwzfm_EggG6apEzvg6VhWhYKPkeBI5o0DdejEGUFcQ-L10B-wZDwsdfQbH5K97BxncMIs9vycxsEejF_Jrh_6fKE6XCBmwXnOwrhXOy72W01xcolq9AOYY_4-I2nVWntRpKOSr4WvvWeJAnL3KaCOFOLDOYPDJZkzWwkZ1wyUZWBa9lhkHWKLSxHZNS7wCabKsBmnH30XrYHVNFyaZ534HTJjZMMbYi7rSTO3XSNYxZvtxzTZI-CLwVWZsXGW4B7I_4yBwqjo9SX3DYfyyDlRQ3mkZvfzDPq-H9MrKY4SgU-90p7q1uyggpG2biXNdS_I-gy0M34AsZGZGVYlp5hldcOKTkGkqI4RrB7jkJl7vQT4jGN3BitsIdDDVokk_05vEfOE4gmjr-isSgxt3FWOPzcklefLBU7UXqFteHtpw5y98Y2nkS5_yyNgBKkgBtd0bE6pIMvv8zYxG-ShYgi2KvSBSk04LdHzhtDWwP6GbpVF3jVoPEPMGEhS9FJot48_00B_L1vUAbDKJv5mRnY8Yc63tgrOTXG6En05xrnA0qx590vyZhWNiVMuQ9mT18gWPt1U23MfbWcnMRLCi_7BdbGviJ_RWIhRNHBGQTGkNyqpTVr6V2b65ihCRhtSFscumY0LPruQ2aGFBr67uPWRoxknpvm0rmg6NtRG8GK1tD6IAAqZe23uggFGH7eFGxqknlJuGHyQZLKT7i1BDNIyWxw4zLBB0fK-9qrrA7K_xdQuwD5Sxjp2KHszsnwLsonXiCfhyy0B_6nN0uONPy8vIhcAdRvJ0ueolPTXttwn50rkfLxoxkJ-Rqy0QPzeOGhbIubrp1c9m2uyF0AR_iiDOE_OKmlXcHvwlfJPWCgrUfxWIBEJZvnmX0Wlc_nTmNF9ZsGVOtyKgay0u6jReXAXsk5j00lwME
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 createActivityLog Show response
track.mypaleorecipe.com/api/ 8 B
622 B 208ms
208ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.mypaleorecipe.com/api/createActivityLog?visitor_id=155497422&activity_type_id=1&fbp=fb.1.1689519171930.954213528&fbc=undefined&ga=GA1.2.330719655.1689519172&client_ip_address=217.114.218.19&client_user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/114.0.5735.198%20Safari/537.36&full_url=https%3A%2F%2Fblog.paleohacks.com%2Fbanana-flour%2F&utm_source=0&utm_medium=0&utm_campaign=0&utm_content=0&utm_term=0
Requested by: Host: track.mypaleorecipe.com
URL: https://track.mypaleorecipe.com/js/jquery-3.5.1.min.js?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 0b92224b759081225dad586d2f1b1d236697ba3f84e0fff5041ec8068375f91f

Request headers

Accept: */*
Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fuz8I%2FtG16HBGCQcSOs2wA%2Bm2YgHKBXkJ3r82KtMCxsuXMDcMWo2s2vxhbrjHd6xsnTNTs5Tlj%2FdSKwRmB%2B91%2FiKCCnW0SeYSx2qq%2F9sOK76FZ%2FmybHNQehGf0%2FlpPENXTFmBCwoUfmdiTjFWvkZQmR%2BN8a4NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
cf-ray: 7e7b12585a3a9b6e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 container.html Show response
03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3891 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 14:52:52 GMT
expires: Mon, 15 Jul 2024 14:52:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306202201000/ Frame 6866 222 KB
61 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jul 2023 17:10:51 GMT
age: 337323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61909
x-xss-protection: 0
server: sffe
etag: "f919e19544cf979d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 Jul 2024 17:10:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 6866 15 KB
5 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 16 Jul 2023 08:54:25 GMT
age: 21509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "64cbd7fca0464c6f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 15 Jul 2024 08:54:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 6866 94 KB
28 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jul 2023 16:18:55 GMT
age: 340439
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28896
x-xss-protection: 0
server: sffe
etag: "4dcd9a8c59f0d36a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 Jul 2024 16:18:55 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 6866 5 KB
2 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jul 2023 18:03:18 GMT
age: 420576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "b82574a955fb50a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 10 Jul 2024 18:03:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 6866 40 KB
13 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jul 2023 16:18:58 GMT
age: 340436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "5e14f2792a869535"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 Jul 2024 16:18:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6866 14 KB
1 KB 34ms
33ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 14:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 13:17:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 14:52:54 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6866 2 KB
2 KB 25ms
24ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 58121
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 16 Jul 2023 22:44:13 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6866 295 B
319 B 24ms
23ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 10:36:43 GMT
x-content-type-options: nosniff
server: cafe
age: 15371
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 17 Jul 2023 10:36:43 GMT

GET
H2 200 container.html Show response
03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 39C0 6 KB
3 KB 42ms
42ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 14:52:52 GMT
expires: Mon, 15 Jul 2024 14:52:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D2AE 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.paleohacks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 14:52:52 GMT
expires: Mon, 15 Jul 2024 14:52:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6866 0
0 33ms
32ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5Jc0RDWqH4NwYZZlNdxYoSI7JzOxQlnvCIKS26yhrlSZPiw4m80QYks0Zb5Ogb7G1uIuKrQM2W_uuGvi8EDgarEG2GA
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3766498706955596031/ Frame 6866 47 KB
47 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3766498706955596031/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d81ee232abceed08a665f6490e99721a8c9c89ddcf2ddfc7c1463e463024e0b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:06:06 GMT
x-content-type-options: nosniff
age: 460008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48409
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 06:02:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Jul 2024 07:06:06 GMT

GET
DATA 200
OK truncated
/ Frame 6866 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6866 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6866 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ea5b0e4254d923189cbdb6dff2da0626a2664168de9f850e154c7fae2407611

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 51B8 2 KB
1 KB 108ms
49ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jsvx01jmnzzn0y3fymqyf8cjhj3gqngdr2w4nnhehww24qj6sbmn21zmjhtgf0qn99j6s1wfcypgvmj2wsbkypmhtrt9k4waearjp56jdk7256343t5pkza4tectn5wxbfnnf8jhjxwwy31afz1yhkw2k6zc0bj24tq45wxz2geenjnh394gsfrp1f926v7exjmbthjpsm5n94twz39s5ztjjp8qr6hccvgnk9nc65sdvfd8dxt7yd1v4y6wpxrz9k7yss550wp4ch2s8rkvh1v4w6fha1csx8bzap9hrfasz2v2fs6yztb9ywmz9d0dpas6s9ytxq3hhsg044gk95m8tvzhhxnka6xktfe58chctpcqn4202h54rsace5jwvr8ngns26prvqzqw8m198t1qe0bznwd0vzft5f8zn2h29gkqr29g4fdmyfrxyhmepva4q4zwm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%26client%3Dca-pub-5144389657785565%26adurl%3D

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47e2c3ddb6529e1cf873a9811267ccf290f8614ab847ba2ff25c83dd6a11b8ed

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e7b125a2ffc5c26-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 14:52:54 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 3891 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 17:59:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:59:53 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 361D 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 12:04:14 GMT
etag: 48472445140208031
expires: Mon, 17 Jul 2023 12:04:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 3891 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 13:55:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3891 0
0 30ms
28ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoHLELbzfdZY4EusZfvvj7uaCn1Q35EuXBwBvAs4mQu0Pgo_9FqyT9g-pF4dNFVu8_AXS4opj9-u-n8jFe9OiynDW1nQ
Requested by: Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3891 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 Jul 2024 12:02:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3891 179 KB
56 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jul 2023 14:52:54 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6866 33 KB
33 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.paleohacks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 416617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jul 2024 19:09:17 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame C51E 2 KB
3 KB 66ms
42ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jsjtnrh3yr44vstwccmrnm019r3pt13jw9pjsxzzpn32qsypmf8y1n03w4gg8c9vcv5v5nan4tc0rc1x9n5499z3h0yk3qnf5cgbc59p0acbyzvp5t8xfc0em934ph7p007y61r4r0xx5z9m4q5zk5mwxfgvey4fr9baxavm4mw6ej9m2rb4mvewdc79gnqrx36aeqszn7aeq01sbfap6pdnhvz496g8ekgvcm35jfqh3zm0f3act69kfvcswdwjsd8q5r3h6agm8x5q206qja24v02t9ddywc2ejafrf7h8kcdr15zpkysp1hae1vwphv1nv2nynr6mq2rvvvcsb0mf238eb6q8wxrmfmkdpf4en3chvb21xrs139s3f550n2nv1hyp4575kt84mpzaf2z5b0658rjm24t2thkp0cc2wjaqedrkawrgsr75a1jabx7rfpk6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%26client%3Dca-pub-5144389657785565%26adurl%3D

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f1bffd218db26600cfcb2c6177358b4f2d65586e38f3e4dc332344beea01a59

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e7b125a2ffe5c26-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 14:52:54 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 8EDE 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 17:59:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:59:53 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 82C1 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 12:04:14 GMT
etag: 48472445140208031
expires: Mon, 17 Jul 2023 12:04:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 8EDE 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 13:55:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8EDE 0
0 28ms
27ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlzS8q_H1wRemVxNVK3fZhwDmGlIb7Zh1lmWpnNzncqs9YR4q-sARZ1q3i-IhOPqcLVJNuBPpD_5uql1zvTOc_d9tftw
Requested by: Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8EDE 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 Jul 2024 12:02:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8EDE 179 KB
56 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jul 2023 14:52:54 GMT

GET
H3 200 Responsive_listing.html Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame BA80 4 KB
1 KB 24ms
22ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Requested by

Host: blog.paleohacks.com
URL: https://blog.paleohacks.com/banana-flour/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76755
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 1016
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Jul 2023 17:33:39 GMT
etag: 11900953634711111692
expires: Sun, 16 Jul 2023 17:33:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame D2AE 23 KB
9 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 09:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 09:27:45 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FC69 143 B
166 B 24ms
23ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 14:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame D2AE 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 17:59:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:59:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame D2AE 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 13:55:07 GMT

GET
H3 200 Configurable_01_122.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BA80 74 KB
25 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 21:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25356
x-xss-protection: 0
server: cafe
etag: 15511454539072389427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 16 Jul 2023 21:33:50 GMT

GET
H3 200 Responsive_listing.js Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame BA80 199 KB
65 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 16:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66166
x-xss-protection: 0
server: cafe
etag: 5199203132765013944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 16 Jul 2023 16:59:56 GMT

GET
H3 200 Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame BA80 11 KB
2 KB 21ms
21ms Stylesheet
text/css 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 05:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1758
x-xss-protection: 0
server: cafe
etag: 15825927903621683888
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 17 Jul 2023 05:37:49 GMT

GET
DATA 200
OK truncated
/ Frame 3891 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a691669853d5987d3c9fd7e491566f7ebc3c05cda7b3514920e766a20b903380

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 361D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGgYed7VJ35_ADTmAQAjHtE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGgYed7VJ35_ADTmAQAjHtE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGluVWVKTXQxUWwzN2c1&google_gid=CAESEGgYed7VJ35_ADTmAQAjHtE&google_cver=1&google_push=AaAOQGGeI-qBcfcLZMH7Ux9nkmPrDD4hWa-zBhTe2iv8-Ms...

170 B
233 B

29ms
29ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGluVWVKTXQxUWwzN2c1&google_gid=CAESEGgYed7VJ35_ADTmAQAjHtE&google_cver=1&google_push=AaAOQGGeI-qBcfcLZMH7Ux9nkmPrDD4hWa-zBhTe2iv8-Ms9Yf5tgUJ9ccW3JEJjN0-75SVnQ_wqg1Pbm7u5I5a3oAF83qcZRIybXpo

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 16 Jul 2023 14:52:53 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-0ee6b652682556fe2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGluVWVKTXQxUWwzN2c1&google_gid=CAESEGgYed7VJ35_ADTmAQAjHtE&google_cver=1&google_push=AaAOQGGeI-qBcfcLZMH7Ux9nkmPrDD4hWa-zBhTe2iv8-Ms9Yf5tgUJ9ccW3JEJjN0-75SVnQ_wqg1Pbm7u5I5a3oAF83qcZRIybXpo
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 361D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEI2MigJ3llrySdUhaRktpHA&google_cver=1&google_push=AaAOQGG_24tySrXchPU65Vqx7n_Pcwbqb7PimGxPBgwjzeRVuMRR7hgvB4cm3ATq6TeqhPLIHuZcuaaqoPR_zNdGPH1YCZnBy-u--...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2MigJ3llrySdUhaRktpHA&google_cver=1&google_push=AaAOQGG_24tySrXchPU65Vqx7n_Pcwbqb7PimGxPBgwjzeRVuMRR7hgvB4cm3ATq6TeqhPLIHuZcuaaqoPR_zNdGPH1YCZnBy-u...

43 B
423 B

190ms
189ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2MigJ3llrySdUhaRktpHA&google_cver=1&google_push=AaAOQGG_24tySrXchPU65Vqx7n_Pcwbqb7PimGxPBgwjzeRVuMRR7hgvB4cm3ATq6TeqhPLIHuZcuaaqoPR_zNdGPH1YCZnBy-u---Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGG_24tySrXchPU65Vqx7n_Pcwbqb7PimGxPBgwjzeRVuMRR7hgvB4cm3ATq6TeqhPLIHuZcuaaqoPR_zNdGPH1YCZnBy-u---Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:56 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e7b1261ce2f2bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 17
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2MigJ3llrySdUhaRktpHA&google_cver=1&google_push=AaAOQGG_24tySrXchPU65Vqx7n_Pcwbqb7PimGxPBgwjzeRVuMRR7hgvB4cm3ATq6TeqhPLIHuZcuaaqoPR_zNdGPH1YCZnBy-u---Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGG_24tySrXchPU65Vqx7n_Pcwbqb7PimGxPBgwjzeRVuMRR7hgvB4cm3ATq6TeqhPLIHuZcuaaqoPR_zNdGPH1YCZnBy-u---Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e7b125acd5a2bdd-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 361D 70 B
266 B 142ms
48ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEB_0nOCSki6XClHeepZ8Cyk&google_cver=1&google_push=AaAOQGGKmlQtgtTUoYwRx7vk3vhJYrWDGU7eynrJ2UlC5OUvjUsp8Ai2Z-Z5iMNaq4Bbj_fASllRzO1zKPzT2hE-kMmuHJl4e8rAMjc
Requested by: Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 16 Jul 2023 14:52:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 361D 0
174 B 79ms
26ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPs-s_wjk5G6ttVf1ujxmlA&google_cver=1&google_push=AaAOQGE8xpnbpYUpXy5ANPc7nd0Jn1_R8-nVo89Yihjg76dN8FBM1bHjakSqTr5NOzXHIGxULCZP57ilohlF0SXBJOYyOWc6Vv8gbjw
Requested by: Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 361D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKA2q9rlV_ltQbA4UEBhYCs&google_cver=1&google_push=AaAOQGEGryBLdWHkrfXqRY6hBI90RqdZicgqoruhlUc7Fo7qVl2PBIjaI_P0iQRUtrJ1XdhWfGqPzF6oS5TJ1E...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NjQyOTU5ODMyNTQwNTg0Mg%3D%3D&google_push=AaAOQGEGryBLdWHkrfXqRY6hBI90RqdZicgqoruhlUc7Fo7qVl2PBIjaI_P0iQRUtrJ1XdhWfGqPzF6oS5TJ1EQjVQ...

170 B
330 B

30ms
30ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NjQyOTU5ODMyNTQwNTg0Mg%3D%3D&google_push=AaAOQGEGryBLdWHkrfXqRY6hBI90RqdZicgqoruhlUc7Fo7qVl2PBIjaI_P0iQRUtrJ1XdhWfGqPzF6oS5TJ1EQjVQfkLxaJ2D077Q

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NjQyOTU5ODMyNTQwNTg0Mg%3D%3D&google_push=AaAOQGEGryBLdWHkrfXqRY6hBI90RqdZicgqoruhlUc7Fo7qVl2PBIjaI_P0iQRUtrJ1XdhWfGqPzF6oS5TJ1EQjVQfkLxaJ2D077Q
Date: Sun, 16 Jul 2023 14:52:54 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 361D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOJ9hXiDAn39sTGFpn1Plxg&google_cver=1&google_push=AaAOQGFOdBkZUARNbwLV3X2j1B6Rch-wDBAn6WYn_NjenM0LrCYS7ImQdVyGcVZX0NoDNwfxH8HjgEejReJ-ScYN3Fr59sW...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFOdBkZUARNbwLV3X2j1B6Rch-wDBAn6WYn_NjenM0LrCYS7ImQdVyGcVZX0NoDNwfxH8HjgEejReJ-ScYN3Fr59sWEf9EcrvQ&google_hm=eS1reWd6VjRaRTJwRXZ...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFOdBkZUARNbwLV3X2j1B6Rch-wDBAn6WYn_NjenM0LrCYS7ImQdVyGcVZX0NoDNwfxH8HjgEejReJ-ScYN3Fr59sWEf9EcrvQ&google_hm=eS1reWd6VjRaRTJwRXZBOXNwRUFraTZFakNldVpGcGVBbH5B

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 16 Jul 2023 14:52:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFOdBkZUARNbwLV3X2j1B6Rch-wDBAn6WYn_NjenM0LrCYS7ImQdVyGcVZX0NoDNwfxH8HjgEejReJ-ScYN3Fr59sWEf9EcrvQ&google_hm=eS1reWd6VjRaRTJwRXZBOXNwRUFraTZFakNldVpGcGVBbH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 361D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO00WT3ZmFF5xoTwNVVj2kg&google_cver=1&google_push=AaAOQGHuW3CzXMYdFIiOv90mrXI1uJvSdrb-abqjdLpmBnHHXGrtcc9jRYtlvZ3l7sGFuKXrNXiKfSeX...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO00WT3ZmFF5xoTwNVVj2kg&google_cver=1&google_push=AaAOQGHuW3CzXMYdFIiOv90mrXI1uJvSdrb-abqjdLpmBnHHXGrtcc9jRYtlvZ3l7sGFuKXrNXi...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY2NzE2OTY4NTU0NzY4NzE3OA&google_push=AaAOQGHuW3CzXMYdFIiOv90mrXI1uJvSdrb-abqjdLpmBnHHXGrtcc9jRYtlvZ3l7sGFuKXrNXiKfS...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY2NzE2OTY4NTU0NzY4NzE3OA&google_push=AaAOQGHuW3CzXMYdFIiOv90mrXI1uJvSdrb-abqjdLpmBnHHXGrtcc9jRYtlvZ3l7sGFuKXrNXiKfSeXv8cT_A6U4RiDqOcRMPzMe4E

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY2NzE2OTY4NTU0NzY4NzE3OA&google_push=AaAOQGHuW3CzXMYdFIiOv90mrXI1uJvSdrb-abqjdLpmBnHHXGrtcc9jRYtlvZ3l7sGFuKXrNXiKfSeXv8cT_A6U4RiDqOcRMPzMe4E
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 361D 0
131 B 88ms
28ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IXJnmnztbOrzDxlRHpF2kZsu5VwQMK2YKoBFZtzW2EOSlJEGPVFG4RwBaUlZ88P3PfBBYG

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 82C1
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGg-j6Y6XiDnnjc7r3-fciQ&google_cver=1&google_push=AaAOQGFyba3OWMXnmusS0bOLlAkjspho0_j8OSbHzHoI6DuYj_mWy0VyTpD-ikDQy1-IHUPmQ7xgG3VwKXyQVJalynDA3rbZudWOjA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODIwODM5MjYxMTk1NTM3MzIxNQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGg-j6Y6XiDnnjc7r3-fciQ&google_cver=1

43 B
398 B

51ms
27ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGg-j6Y6XiDnnjc7r3-fciQ&google_cver=1
Requested by: Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 16 Jul 2023 14:52:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGg-j6Y6XiDnnjc7r3-fciQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 82C1 35 B
465 B 90ms
23ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA8zinfw0dZaEnQDd_O8YRs&google_cver=1&google_push=AaAOQGFxvNcyUoZv76GZ5xkaIgMJYNatpgpfOak3hcRZeN_fj5F-pscnLSZKvZ3C1IB-Q4fLEm2F3scoDD9eY0bma3R5vfWMuudc

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 82C1
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEI2MigJ3llrySdUhaRktpHA&google_cver=1&google_push=AaAOQGEsCUcAntjdFtTRNzAi4OlZgo-OmFzEUHJinZc0sL6rn99mPwuFtFqCR2uYwr1R6AxYjD3T3MKhW3v_Aqfq-2auqtL5bjq3o...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2MigJ3llrySdUhaRktpHA&google_cver=1&google_push=AaAOQGEsCUcAntjdFtTRNzAi4OlZgo-OmFzEUHJinZc0sL6rn99mPwuFtFqCR2uYwr1R6AxYjD3T3MKhW3v_Aqfq-2auqtL5bjq...

43 B
417 B

199ms
184ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2MigJ3llrySdUhaRktpHA&google_cver=1&google_push=AaAOQGEsCUcAntjdFtTRNzAi4OlZgo-OmFzEUHJinZc0sL6rn99mPwuFtFqCR2uYwr1R6AxYjD3T3MKhW3v_Aqfq-2auqtL5bjq3oQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEsCUcAntjdFtTRNzAi4OlZgo-OmFzEUHJinZc0sL6rn99mPwuFtFqCR2uYwr1R6AxYjD3T3MKhW3v_Aqfq-2auqtL5bjq3oQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e7b125c3f592bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1009
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2MigJ3llrySdUhaRktpHA&google_cver=1&google_push=AaAOQGEsCUcAntjdFtTRNzAi4OlZgo-OmFzEUHJinZc0sL6rn99mPwuFtFqCR2uYwr1R6AxYjD3T3MKhW3v_Aqfq-2auqtL5bjq3oQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEsCUcAntjdFtTRNzAi4OlZgo-OmFzEUHJinZc0sL6rn99mPwuFtFqCR2uYwr1R6AxYjD3T3MKhW3v_Aqfq-2auqtL5bjq3oQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e7b125add742bdd-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 82C1
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBt8mZU58KDKlQ-M7F81qOI&google_cver=1&google_push=AaAOQGGdcq5BRtzWrGyaTkcPJ8Iz7U_I95qaFZ89B6RTG6yTxWOcz4g1-Ay-TYkvsAAl-2fAOQhCsij7Yfd...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGdcq5BRtzWrGyaTkcPJ8Iz7U_I95qaFZ89B6RTG6yTxWOcz4g1-Ay-TYkvsAAl-2fAOQhCsij7Yfdw1bMczgQUXgpgtrrCJA&google_hm=OWqXaXkLRu2kCrPppe...

170 B
233 B

30ms
30ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGdcq5BRtzWrGyaTkcPJ8Iz7U_I95qaFZ89B6RTG6yTxWOcz4g1-Ay-TYkvsAAl-2fAOQhCsij7Yfdw1bMczgQUXgpgtrrCJA&google_hm=OWqXaXkLRu2kCrPppexMkhM

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:54 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGdcq5BRtzWrGyaTkcPJ8Iz7U_I95qaFZ89B6RTG6yTxWOcz4g1-Ay-TYkvsAAl-2fAOQhCsij7Yfdw1bMczgQUXgpgtrrCJA&google_hm=OWqXaXkLRu2kCrPppexMkhM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 82C1
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKA2q9rlV_ltQbA4UEBhYCs&google_cver=1&google_push=AaAOQGF3MlJscdzYqaz-HWyBAbWQTDaCJKNJo9XcTjRBFKgJG3t08KUS5VATGlrQpcGuX6z9R_FGizUAhh7u8h...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NjQyOTU5ODMyNjY1MTAyNg%3D%3D&google_push=AaAOQGF3MlJscdzYqaz-HWyBAbWQTDaCJKNJo9XcTjRBFKgJG3t08KUS5VATGlrQpcGuX6z9R_FGizUAhh7u8h3sIG...

170 B
233 B

29ms
29ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NjQyOTU5ODMyNjY1MTAyNg%3D%3D&google_push=AaAOQGF3MlJscdzYqaz-HWyBAbWQTDaCJKNJo9XcTjRBFKgJG3t08KUS5VATGlrQpcGuX6z9R_FGizUAhh7u8h3sIG9pVBiWRIeo

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NjQyOTU5ODMyNjY1MTAyNg%3D%3D&google_push=AaAOQGF3MlJscdzYqaz-HWyBAbWQTDaCJKNJo9XcTjRBFKgJG3t08KUS5VATGlrQpcGuX6z9R_FGizUAhh7u8h3sIG9pVBiWRIeo
Date: Sun, 16 Jul 2023 14:52:54 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 82C1
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFDnueLJCabVMvcNBMJGfKw&google_cver=1&google_push=AaAOQGGRWDlDi95MjtE1joVcN5ZR3Z-rYoxMhUHNFux8I2_f41TlWf-nKay-VogWf54qdyo4J1FdWKIyvznRlG1A4MGPnJC...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFDnueLJCabVMvcNBMJGfKw&google_cver=1&google_push=AaAOQGGRWDlDi95MjtE1joVcN5ZR3Z-rYoxMhUHNFux8I2_f41TlWf-nKay-VogWf54qdyo4J1FdWKIyvznRlG1A4MGPn...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGRWDlDi95MjtE1joVcN5ZR3Z-rYoxMhUHNFux8I2_f41TlWf-nKay-VogWf54qdyo4J1FdWKIyvznRlG1A4MGPnJCMtFHpvw

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGRWDlDi95MjtE1joVcN5ZR3Z-rYoxMhUHNFux8I2_f41TlWf-nKay-VogWf54qdyo4J1FdWKIyvznRlG1A4MGPnJCMtFHpvw

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGRWDlDi95MjtE1joVcN5ZR3Z-rYoxMhUHNFux8I2_f41TlWf-nKay-VogWf54qdyo4J1FdWKIyvznRlG1A4MGPnJCMtFHpvw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 82C1
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEF3OxI3tlS5nSJT0GSTMvT0&google_cver=1&google_push=AaAOQGHnb6VMXia0fv3Z7h_9sxsz8f9gdoR3AcgWM9GSILIF2wobpNU7yriT6DoogtUwuRsfFGlBU5VfZ61S...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHnb6VMXia0fv3Z7h_9sxsz8f9gdoR3AcgWM9GSILIF2wobpNU7yriT6DoogtUwuRsfFGlBU5VfZ61Sxnu53dArIjljcCWbog

170 B
233 B

30ms
29ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHnb6VMXia0fv3Z7h_9sxsz8f9gdoR3AcgWM9GSILIF2wobpNU7yriT6DoogtUwuRsfFGlBU5VfZ61Sxnu53dArIjljcCWbog

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHnb6VMXia0fv3Z7h_9sxsz8f9gdoR3AcgWM9GSILIF2wobpNU7yriT6DoogtUwuRsfFGlBU5VfZ61Sxnu53dArIjljcCWbog
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 82C1 0
50 B 31ms
28ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LD4IQP2dQPuedIWawFYlAW81NFsvBc34j1SAXoxL14XGliYkxNtOfRfifnOXz1r8jiBb-v

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3891 0
0 69ms
68ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmwzFRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT2AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay8y2_v1qU1RlayUh5-PA5w4PdmtDFaDjy48MbBAGgb8brv-RBeed-AEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi01MTQ0Mzg5NjU3Nzg1NTY1GLCYFQ&sigh=ccjyckUgb_E&uach_m=[UACH]&cid=CAQSOwBpAlJWWHGOU8yVVvXIjfBUMzYS-uO3QStz5ID4-WCVRl5OdqfIs9SpXEwh1BDl0IuO0rYwkBW2VPSSGAE&cbvp=2&vis=1
Requested by: Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 3891 0
104 B 80ms
30ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kddaybthwf3369qhbme4ax0sreqymnqmeaajdn2qb1ypx9wp8zaaq7wh1c1s12sj4tpsqjfm9yawrwph4wp4yttkwdqs3x44fx0a55vyk30nn9zhjd9dqa5ex22yz48t1tc86j6hpshj78xr4vdr71h7ga2bdnv58d135tc6xfezha2tvrk66zkttg1w8xstfn32g58mnjypkezcfaqp3vra4cframxb3yy1begbq8c0xctcbe3fcha5pv59ftr2y39myeyydjgyz5e88kpztre4qfrdex889rc8v4sq5zs5m7cge62gvrahcpsemn7gggwwjek1beqenb07cynaeadyyqsapsc9rsgc3hy8evv76gtr5evyn6vpz578vv9g35xnmq5y6dnsczw&b=ZLQERQAEgPoK5uRVAAMGeYapn8sX3oJCeCnVHw&cbvp=2
Requested by: Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 16 Jul 2023 14:52:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame C51E 114 KB
14 KB 30ms
29ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jsjtnrh3yr44vstwccmrnm019r3pt13jw9pjsxzzpn32qsypmf8y1n03w4gg8c9vcv5v5nan4tc0rc1x9n5499z3h0yk3qnf5cgbc59p0acbyzvp5t8xfc0em934ph7p007y61r4r0xx5z9m4q5zk5mwxfgvey4fr9baxavm4mw6ej9m2rb4mvewdc79gnqrx36aeqszn7aeq01sbfap6pdnhvz496g8ekgvcm35jfqh3zm0f3act69kfvcswdwjsd8q5r3h6agm8x5q206qja24v02t9ddywc2ejafrf7h8kcdr15zpkysp1hae1vwphv1nv2nynr6mq2rvvvcsb0mf238eb6q8wxrmfmkdpf4en3chvb21xrs139s3f550n2nv1hyp4575kt84mpzaf2z5b0658rjm24t2thkp0cc2wjaqedrkawrgsr75a1jabx7rfpk6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jsjtnrh3yr44vstwccmrnm019r3pt13jw9pjsxzzpn32qsypmf8y1n03w4gg8c9vcv5v5nan4tc0rc1x9n5499z3h0yk3qnf5cgbc59p0acbyzvp5t8xfc0em934ph7p007y61r4r0xx5z9m4q5zk5mwxfgvey4fr9baxavm4mw6ej9m2rb4mvewdc79gnqrx36aeqszn7aeq01sbfap6pdnhvz496g8ekgvcm35jfqh3zm0f3act69kfvcswdwjsd8q5r3h6agm8x5q206qja24v02t9ddywc2ejafrf7h8kcdr15zpkysp1hae1vwphv1nv2nynr6mq2rvvvcsb0mf238eb6q8wxrmfmkdpf4en3chvb21xrs139s3f550n2nv1hyp4575kt84mpzaf2z5b0658rjm24t2thkp0cc2wjaqedrkawrgsr75a1jabx7rfpk6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%26client%3Dca-pub-5144389657785565%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 358787
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ff3Q5UHmyCIITI1BeYrhYlz2E04oil73n%2Fc0DnJRfkNNZgfpw9KlGwz1MZGa9XBujgAFKbAemOWn6VxqvsqP9814ZFo%2FMkxuns10z52X5pd9YE7KFxL3DymP9s0f2mNUyNUt3WqHbBk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e7b125ae8bc5c26-FRA
expires: Sun, 16 Jul 2023 15:52:54 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame C51E 25 KB
10 KB 41ms
32ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jsjtnrh3yr44vstwccmrnm019r3pt13jw9pjsxzzpn32qsypmf8y1n03w4gg8c9vcv5v5nan4tc0rc1x9n5499z3h0yk3qnf5cgbc59p0acbyzvp5t8xfc0em934ph7p007y61r4r0xx5z9m4q5zk5mwxfgvey4fr9baxavm4mw6ej9m2rb4mvewdc79gnqrx36aeqszn7aeq01sbfap6pdnhvz496g8ekgvcm35jfqh3zm0f3act69kfvcswdwjsd8q5r3h6agm8x5q206qja24v02t9ddywc2ejafrf7h8kcdr15zpkysp1hae1vwphv1nv2nynr6mq2rvvvcsb0mf238eb6q8wxrmfmkdpf4en3chvb21xrs139s3f550n2nv1hyp4575kt84mpzaf2z5b0658rjm24t2thkp0cc2wjaqedrkawrgsr75a1jabx7rfpk6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 426152
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=murlHVV7JIxhvjwj6QUqP2LnJzTjds0CWTqsEptDyERykp3qhx4oz5vmZ1pXap%2FEjM0wmRCZlXmbzx6B8YKGDPWNwXzzjf6tHs5CMzYoa7t%2F4HN582D%2FTpJTUSeOeWwp6IxpoFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7e7b125af8c35c26-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Jul 2023 16:30:12 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 51B8 114 KB
13 KB 31ms
30ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jsvx01jmnzzn0y3fymqyf8cjhj3gqngdr2w4nnhehww24qj6sbmn21zmjhtgf0qn99j6s1wfcypgvmj2wsbkypmhtrt9k4waearjp56jdk7256343t5pkza4tectn5wxbfnnf8jhjxwwy31afz1yhkw2k6zc0bj24tq45wxz2geenjnh394gsfrp1f926v7exjmbthjpsm5n94twz39s5ztjjp8qr6hccvgnk9nc65sdvfd8dxt7yd1v4y6wpxrz9k7yss550wp4ch2s8rkvh1v4w6fha1csx8bzap9hrfasz2v2fs6yztb9ywmz9d0dpas6s9ytxq3hhsg044gk95m8tvzhhxnka6xktfe58chctpcqn4202h54rsace5jwvr8ngns26prvqzqw8m198t1qe0bznwd0vzft5f8zn2h29gkqr29g4fdmyfrxyhmepva4q4zwm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jsvx01jmnzzn0y3fymqyf8cjhj3gqngdr2w4nnhehww24qj6sbmn21zmjhtgf0qn99j6s1wfcypgvmj2wsbkypmhtrt9k4waearjp56jdk7256343t5pkza4tectn5wxbfnnf8jhjxwwy31afz1yhkw2k6zc0bj24tq45wxz2geenjnh394gsfrp1f926v7exjmbthjpsm5n94twz39s5ztjjp8qr6hccvgnk9nc65sdvfd8dxt7yd1v4y6wpxrz9k7yss550wp4ch2s8rkvh1v4w6fha1csx8bzap9hrfasz2v2fs6yztb9ywmz9d0dpas6s9ytxq3hhsg044gk95m8tvzhhxnka6xktfe58chctpcqn4202h54rsace5jwvr8ngns26prvqzqw8m198t1qe0bznwd0vzft5f8zn2h29gkqr29g4fdmyfrxyhmepva4q4zwm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%26client%3Dca-pub-5144389657785565%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 358787
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uMy4bLAqnIPKO%2B%2FUIv1EVUttdYcygcqaHadKJQjDWmmy5pCYQGyQaDRWMLRlNA%2F%2Fd2wi1qIjOOsJbJ7LxDvjtolwudoMu4jpQIChI4xHlAOO%2F%2BQE68RGTWiMzaNM%2BGW1aHviqvo%2FqI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e7b125af8c25c26-FRA
expires: Sun, 16 Jul 2023 15:52:54 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 51B8 25 KB
10 KB 39ms
38ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jsvx01jmnzzn0y3fymqyf8cjhj3gqngdr2w4nnhehww24qj6sbmn21zmjhtgf0qn99j6s1wfcypgvmj2wsbkypmhtrt9k4waearjp56jdk7256343t5pkza4tectn5wxbfnnf8jhjxwwy31afz1yhkw2k6zc0bj24tq45wxz2geenjnh394gsfrp1f926v7exjmbthjpsm5n94twz39s5ztjjp8qr6hccvgnk9nc65sdvfd8dxt7yd1v4y6wpxrz9k7yss550wp4ch2s8rkvh1v4w6fha1csx8bzap9hrfasz2v2fs6yztb9ywmz9d0dpas6s9ytxq3hhsg044gk95m8tvzhhxnka6xktfe58chctpcqn4202h54rsace5jwvr8ngns26prvqzqw8m198t1qe0bznwd0vzft5f8zn2h29gkqr29g4fdmyfrxyhmepva4q4zwm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%26client%3Dca-pub-5144389657785565%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 426152
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62mOxlGaFl5Go7sm9S532AKV9PPFHjEZio8UhljfDgNN95GfDGQSaQQhMfeU64ZLM9I1UkKZ4umNv%2FnrA%2FBzl%2BpbikppR9Wk%2FK4h8OqcSexRyAu3TRDUdPoupIfnxrjKWZysc00%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7e7b125af8c85c26-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Jul 2023 16:30:12 GMT

GET
DATA 200
OK truncated
/ Frame 8EDE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef332a5930a8a04b7c50da2d4cfaa58cdc3c9b4ce06e1a9de1d2f0fc982e7fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 l
www.google.com/ads/measurement/ Frame D2AE 0
0 28ms
28ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDkDTu-aOugU6nA776q7hnIpDDPul-I7edL4AnztXlvHXpYnW7IIgXsB3mnGhSz_54a1hIWG-nxaxF8RzEQkuPs9cEiA
Requested by: Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D2AE 179 KB
56 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jul 2023 14:52:54 GMT

GET
DATA 200
OK truncated
/ Frame D2AE 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 399f3dcaffcd9d5ec6973174a225db858e58fad0ce3509a9380ecb21353d98e2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BA80 34 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 01:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 17 Jul 2023 01:47:45 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6866 0
0 67ms
66ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Co5lwRQS0ZPuBEtXImwf5jIyYB4Kg8tdxgbqnyeAR2tkeEAEgyP2IHmCVgoCAlAegAYeDv_cDyAEJ4AIAqAMByAMKqgSRAk_QmrlrRP7iMG7Zk6ioU4OQwYEk5PDPY9gWAZZC9zWQa35FB9hQnzScZaw4OT3kHd14eQrmllF6AGcQB_fK98G9b0vwW-cijQXUvQ4rDq24u0ew_CBxKtn-Wnu1H_f_VxKhqYqcLLgSnxe6SsF_4s7dWCs41-drbcewa5d8zWekL6UGvSAAWZNNAL9c8h4Oi634Q2MN4fvDSKImsRJGy5chXQtnkrz6eAa35AXcuKkRzcX_viHxyfeI_pBhYzl83LG2FxkJnSXyciboC6N8orHj3mIMWBEAYth7BiL5bpkkqjiZykGzYraVqpgJuxNp7lrwxWKVPyEZt9c7ZSN6xXO8miaqtzuZHiwJNQyl3yJ3l8AEkezW1LYE4AQBkgUECAQYAZIFBAgFGASgBi6AB9ek7JcEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQoaYE0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAcgLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi01MTQ0Mzg5NjU3Nzg1NTY1GLCYFQ&sigh=KCTkCBl6NXU&uach_m=[]&cid=CAQSOwBpAlJWWHGOU8yVVvXIjfBUMzYS-uO3QStz5ID4-WCVRl5OdqfIs9SpXEwh1BDl0IuO0rYwkBW2VPSSGAE&template_id=5000&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FC69
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
37ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 14:52:55 GMT
expires: Sun, 16 Jul 2023 14:52:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 14:52:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 51B8 3 KB
4 KB 93ms
32ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2273
x-guploader-uploadid: ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BG46uFbeg%2FtHncAZF2YU8fDOghUCu9p5Gi6YCH5n69z6JagxHI13JadKtw%2BQ14Xwyr%2BSpE6oJJp83d%2FzGAA2gmvFpiSmSPUgXv%2FjT7Q7siJ5KBeUeY9nwOikXZRolLAdYhvgg%2F4SNWHdUdrAqRwjnCcj"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7e7b125bfbd139f1-FRA
expires: Sun, 16 Jul 2023 15:10:49 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C51E 3 KB
3 KB 91ms
32ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2273
x-guploader-uploadid: ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOrZtP7p6VKI%2FDRFJAJvnZ%2Bhl8xGAgwl8yc12hOCGy5bH%2FJEFoscQU44bdOwGW24t8xUfkicRpTK8kjj01lsmO4NSoejbiCDYZdbLJJOLScer4V739Es1esKJ%2F7my25RW1HSeQ50lO5jpqn5RZBEsd7l"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7e7b125bfbd339f1-FRA
expires: Sun, 16 Jul 2023 15:10:49 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 693F 2 KB
1 KB 28ms
28ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1805594
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7e7b125baca22c7d-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 16 Jul 2023 14:52:54 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myJ1voIXtcA4M3FkRjvELqSX1ugtDQhXFMvTXxKBkNBqDosETq4FDJ7e3TVjthhLoNgXzT8a9ifuMp558J72FztWbdGRsPMXPDutof2VlGlJFstQnEaXhrjpEsslahdnEJ4YwXo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame D5F9 2 KB
1 KB 29ms
28ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1805594
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7e7b125baca72c7d-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 16 Jul 2023 14:52:54 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVe5whrd1a9vn%2Fhbb8HFUXiD40VMlT2yjcDcpMLkmIn2QEr8dHbDMeuCP58QkGZBqZPOQUZegbdj9wWrOGZyb0Xk2CDcBmpQgrRTQP3vxS8s7ExBgsxseRzP0pDUQzXmm2DipeE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 css
fonts.googleapis.com/ Frame BA80 6 KB
706 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jul 2023 14:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 13:47:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jul 2023 14:52:55 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame BA80 38 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jul 2024 14:30:57 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D2AE 0
0 70ms
68ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_nMPRQS0ZP2BEtXImwf5jIyYB9Ty45xw6pKnsMwR9tPmrYkCEAEgyP2IHmCVgoCAlAegAdCFxs8ByAEJqQJymQG4SNayPuACAKgDAcgDywSqBJkCT9ANVvzUBksGiftoud4kHVT2OVKC38mk9up9EzBG8te8jZG6uwtTTvc2oVOmRywVQuC8cXU0AE-8XeoqbrOaYDRsDAyaAOjBHBdNXcqHC6entJdf2_i5_VlOS2Uol0EJP0Fg3_LNifzxGsErqK97FzLFpf35Mgb-OlRFBe0HnqyNksU7r4Oexwb1B0lOdxiCuCKcSciT-UwODiaTloWBnJdZf56xaRaMuCk5-K3SjSlaH8EcAiHv1-dok5XdfUhypxVVrTfB7t3_Rx15lMnF_4lHvFR7NpHT7uigebgRLAkOllLz3m9Ats4Wr0urdZ3aeNsteu5tj27o7y_7DGoGeJnN5qHXqnRUpgt-6vx0SJfHBH1iFERRZcTABJPCpZz8A-AEAYgFl9-RrTWSBQQIBBgBkgUECAUYBKAGLoAHjqvFvwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQsr4D0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAcgLAdoLCAgREOu67uw42BML-hShAQoFCJIEMCEQ67ru7DgacggBEm4KQmh0dHBzOi8vd2ViaG9va3MuaHViYXBpLmNvbS9hZHMtcHJvY2Vzc2luZy92MS9sZWFkLXdlYmhvb2svYWR3b3JkcxokMGNhNTM2ZmEtMDZkYS00MDVhLWI1MDctYjY0MzM3YmQ2MWE0IAEoASICCAUiAggGIgIIDiICCAsiAggMMMTdm641OL_zmIEY0BUBmBYBgBcBshceChwIABIUcHViLTUxNDQzODk2NTc3ODU1NjUYsJgV&sigh=tmUjLzRjk_w&uach_m=[UACH]&cid=CAQSOwBpAlJWWHGOU8yVVvXIjfBUMzYS-uO3QStz5ID4-WCVRl5OdqfIs9SpXEwh1BDl0IuO0rYwkBW2VPSSGAE&template_id=494&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8EDE 0
0 65ms
64ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl_1_RQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSAAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhOdaxTfPHF8anYXWk-eC2900mXLBJ6My09L2KU8EabBuvGqECut4jgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTE0NDM4OTY1Nzc4NTU2NRiwmBU&sigh=MldwW1jA0lw&uach_m=[UACH]&cid=CAQSOwBpAlJWWHGOU8yVVvXIjfBUMzYS-uO3QStz5ID4-WCVRl5OdqfIs9SpXEwh1BDl0IuO0rYwkBW2VPSSGAE&cbvp=2&vis=1
Requested by: Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 8EDE 0
40 B 33ms
32ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jf7yt8j94bf2cvaxh2qp7pv55nn7gg7tazgjpngsrxdqjbvr5srvr63cze6vkcmwcfggwqafzcemcvxbm8j5dvysrcvbfwaajsmvgjny954vhm9sscphvc7ckhdtkw32dng8nyy435af879x2pr10kmqrr6tg3w4fbkfntnxdpdasd2y48df3dax91c50jg6kqe0wdnbe8svvaqgxz2tqt2ys04h2wt8h2kx3pm0tpas286e9mn29z5w7bmavg5pnpfte96ry2cmj30z0n4fpygj9fv492dtxztrajmzkqd3swc2ns720x23d2y0gvnxhxgb61zt4pns7y9vepmbgn7ce4w0drnfzw13153gfswr6ezn2x5haxprehnz85wxn2g5hh4tdhqtysv&b=ZLQERQAEgPwK5uRVAAMGee3yGMgcRGDztTBFug&cbvp=2
Requested by: Host: 03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 16 Jul 2023 14:52:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 12510506805586233611
tpc.googlesyndication.com/simgad/ Frame BA80 12 KB
12 KB 20ms
20ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12510506805586233611

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab25051f14c22e9ac50fa34afd3d1ba5274e45cd6ccdd151a70e8ec696e5d22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 06:47:02 GMT
x-content-type-options: nosniff
age: 115553
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12153
x-xss-protection: 0
last-modified: Mon, 06 Jul 2020 12:14:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Jul 2024 06:47:02 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA80 15 KB
15 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 127348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 03:30:27 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA80 15 KB
16 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 78520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 17:04:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA80 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 84482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 15:24:53 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 61ms
37ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e7b125ea8e09064-FRA
content-length: 24
content-type: text/plain
date: Sun, 16 Jul 2023 14:52:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbW9wP07U9Psz2UPW%2BM8YHPtXJXeLqwek1y2ZMLOHnFse8CcVm5XSbpLE2qhpwocfVCEBayEOugTqNKJ%2F4qEi8XEIF%2FKyWeC6oAwqRZkf2b47TpO4f2U7FLAxqmme3rrlnFJygo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-k9sb

POST
H3 200 rs Show response
ad4m.at/ Frame C51E 2 KB
2 KB 45ms
45ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb2305c3e83d7c86379137d58729c60059847a2dfda83fae01c008582db6a3d5

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3SiMyJzRryYQNADw9nEy8%2BDZDZ7YvEaw7%2FkxoV9YKl8v6EICBo5czw9SwdMhIrzVsOh%2Bg8%2FIhfVd%2Fekp08tl48ZJzl8UQvs%2BSpTjCtPwSRbgBFNb4%2Fo0Dh90GUsTJXCHPXpKbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7e7b125ee91d9064-FRA
x-backend-server: aa-reachservice-group-europe-west1-k9sb
alt-svc: h3=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 51B8 2 KB
2 KB 43ms
43ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 064d2dc05ac662f9e8ec62726cbba434290af03442eb5cb2d56305bf65424e6b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTYlW8boblCAv6v5QHTKxlg3Dp7Fbqos5FdSP%2BF483o1o%2FlfMXRycrA0BPl%2FFJ3JX47sAPfMeBVUhJ%2FvNX4Yv5NlAECV0LNitZlqJ43FPV%2BPcIByy16ttaoZags1eABVkTkj9Lw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7e7b125ee9219064-FRA
x-backend-server: aa-reachservice-group-europe-west1-k9sb
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 59ms
38ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e7b125ea8e29064-FRA
content-length: 24
content-type: text/plain
date: Sun, 16 Jul 2023 14:52:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rn0xVdNhfJ2YfPsDg5YD83S%2BA2HNKxK14sQmrw1a0DFfNaPDa5DxNyuz28%2FMa4ICa7gO9mZsWKgPJ%2BQsrXedbqR9A0lj6PgtpIV4%2BHAwEivAzRHemqs39sEfkHBIW5UxxYyJ3WM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-k9sb

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame C72C 11 KB
4 KB 44ms
43ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=9b5bf41d330787b8662d012918033612%2F7385498229648963024&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

556517aedb84a402c3ef3d8e7a985fd75c7d8ed4885d89b5eb4e0ff54fc9a2d0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jsvx01jmnzzn0y3fymqyf8cjhj3gqngdr2w4nnhehww24qj6sbmn21zmjhtgf0qn99j6s1wfcypgvmj2wsbkypmhtrt9k4waearjp56jdk7256343t5pkza4tectn5wxbfnnf8jhjxwwy31afz1yhkw2k6zc0bj24tq45wxz2geenjnh394gsfrp1f926v7exjmbthjpsm5n94twz39s5ztjjp8qr6hccvgnk9nc65sdvfd8dxt7yd1v4y6wpxrz9k7yss550wp4ch2s8rkvh1v4w6fha1csx8bzap9hrfasz2v2fs6yztb9ywmz9d0dpas6s9ytxq3hhsg044gk95m8tvzhhxnka6xktfe58chctpcqn4202h54rsace5jwvr8ngns26prvqzqw8m198t1qe0bznwd0vzft5f8zn2h29gkqr29g4fdmyfrxyhmepva4q4zwm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%26client%3Dca-pub-5144389657785565%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e7b125ffa3c2c7d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 14:52:55 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame CEBD 11 KB
4 KB 49ms
49ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=1594f18d3f544ea7a429e1fbc406df5f%2F3076366945171163883&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175490&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

862814ed4e1832a653619dd7e0edbcb8d2313ed56f1e0ba58b9f5cc6dfa4a132

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jsjtnrh3yr44vstwccmrnm019r3pt13jw9pjsxzzpn32qsypmf8y1n03w4gg8c9vcv5v5nan4tc0rc1x9n5499z3h0yk3qnf5cgbc59p0acbyzvp5t8xfc0em934ph7p007y61r4r0xx5z9m4q5zk5mwxfgvey4fr9baxavm4mw6ej9m2rb4mvewdc79gnqrx36aeqszn7aeq01sbfap6pdnhvz496g8ekgvcm35jfqh3zm0f3act69kfvcswdwjsd8q5r3h6agm8x5q206qja24v02t9ddywc2ejafrf7h8kcdr15zpkysp1hae1vwphv1nv2nynr6mq2rvvvcsb0mf238eb6q8wxrmfmkdpf4en3chvb21xrs139s3f550n2nv1hyp4575kt84mpzaf2z5b0658rjm24t2thkp0cc2wjaqedrkawrgsr75a1jabx7rfpk6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%26client%3Dca-pub-5144389657785565%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e7b125ffa3d2c7d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 14:52:55 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame C72C 114 KB
14 KB 34ms
34ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=9b5bf41d330787b8662d012918033612%2F7385498229648963024&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=9b5bf41d330787b8662d012918033612%2F7385498229648963024&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 358788
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoZR%2FTshO9RBxRavssD38bwz6fTapm%2F%2BEsuUBNPPdJLLO4fFpCbc9OKcveJExGLmfTl%2FktrA01kK4OR30uh0Kj0wyaaqH1NU3bwC9fwoA8ooBgGVUJPtnDPGoX9JlUYXdnGwnsM35YA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e7b12604a9a2c7d-FRA
expires: Sun, 16 Jul 2023 15:52:55 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame C72C 5 KB
5 KB 61ms
35ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=9b5bf41d330787b8662d012918033612%2F7385498229648963024&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2295875
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bl%2BSqaxP881q3KcafzhmAqJ41gi6VxL079RlMZathYAQ7%2FUCHHk7URhLOuyr2QG2rUGjsrhzGwXxpfivElz0IPlqqYFY4RptmGIHeJcKQFlBHWgCB7R7rlXJgCImr75bFMZ1NTzjAEzod8X2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e7b12607ea95c26-FRA
expires: Mon, 17 Jul 2023 14:52:55 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame C72C 91 KB
91 KB 64ms
39ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=9b5bf41d330787b8662d012918033612%2F7385498229648963024&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1368034
cf-polished: origSize=105738, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 92686
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0pkdbScWUuCN5bD51RqvNcfloiKYKOTyYJjZc9tp1Y%2FHE9Y82ML14q%2F9tzDoNt3mo0vrQpnXm5Td4E26jEtLaVT5pdw443496sAqR21mW0RvoMN5EUOCEaOB4s9iaNkL6seywusCGyQPnBG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e7b12607ead5c26-FRA
expires: Mon, 17 Jul 2023 14:52:55 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame C72C 2 KB
3 KB 64ms
40ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=9b5bf41d330787b8662d012918033612%2F7385498229648963024&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2176509
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLTNe5JZfMQcBA6zyIr2ILD%2Fld8z1Xbc%2F%2FDJuz2rnjO0sf4CVu1AIeWIo4tnWcPtvS101OVHEJjSB9iNzvZFCJNK9H9xO8EOkb8fefUEwplatSpa6lNRdpbd8iE2FcIKQGn7GR7G9lLT3y20"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e7b12607ea65c26-FRA
expires: Mon, 17 Jul 2023 14:52:55 GMT

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame C72C 253 KB
254 KB 63ms
39ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=9b5bf41d330787b8662d012918033612%2F7385498229648963024&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43780
cf-polished: origFmt=png, origSize=431531
alt-svc: h3=":443"; ma=86400
content-length: 259252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Jun 2023 10:20:07 GMT
server: cloudflare
etag: "16f7fe8ce7119ba0f513f8179ecb2d3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2asabz8u0Y4Qkcf3ly0v5J9zG3sPnE4FwRrb%2FWstlyB1Q1ahfQ3Y8EpvROJ16sGqc5G%2ByrJZtAyDB%2FZmOXPs75hoEMSjPxSFtN583wNEAH0g7YxWCt%2Fxc0QFBqhNrtx5iwhNBkDXKy3Fuo0j"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e7b12607eae5c26-FRA
expires: Mon, 17 Jul 2023 14:52:55 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame C72C 43 B
703 B 155ms
85ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=9b5bf41d330787b8662d012918033612%2F7385498229648963024&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Jul 2023 14:52:55 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame C72C 36 KB
36 KB 62ms
39ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=9b5bf41d330787b8662d012918033612%2F7385498229648963024&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1891234
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGgdg25tPTWn32q91YaWFnbTUlFvnbMAuumA%2Bj0RY6jQZWMP5GnKYHG1J5jdz4WO1NEjR0%2FM%2FOnnto%2FCTVOOJZ9x5%2F8s8phCdMmztFGXLTs4a8mrwgcaZflJA84ufo%2Fu527ThqdpMeZjMZj%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e7b12607eb05c26-FRA
expires: Mon, 17 Jul 2023 14:52:55 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame C72C 38 KB
38 KB 80ms
56ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=9b5bf41d330787b8662d012918033612%2F7385498229648963024&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 237733
cf-polished: degrade=85, origSize=133780, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 38661
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7AneWphqCsUUL3F3fW9%2BKwP7MJn3zu2bmBzXcLeSwfz4v%2Fqon8lfqCMV8AB6LR99S1Ylz9ZkOUVYVgAiT93pRzPuVx12pOWfyWQQ5GZSyApA9i9esd2eOk9EtHSdqsIW0m5S1G1u%2FyW9Y%2Bm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e7b12608ec65c26-FRA
expires: Mon, 17 Jul 2023 14:52:55 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame C72C 43 B
703 B 337ms
254ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Jul 2023 14:52:56 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame CEBD 114 KB
14 KB 46ms
46ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=1594f18d3f544ea7a429e1fbc406df5f%2F3076366945171163883&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175490&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=1594f18d3f544ea7a429e1fbc406df5f%2F3076366945171163883&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175490&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 358788
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNECi2BS0r0mg0bp4DSXP6Vo5WWA49mgprExRgtQ0OyFGEJWK%2FRbXmCwVIjS2%2FlUTcO%2FmbjcdDl5kTVS39vzOY7mW%2Bx1Ubcg8hlMxXmY9QNX1K%2FxSRtwAauI5wiorcQLmS6o0GyRed4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7e7b12605aaa2c7d-FRA
expires: Sun, 16 Jul 2023 15:52:55 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame CEBD 5 KB
5 KB 55ms
35ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=1594f18d3f544ea7a429e1fbc406df5f%2F3076366945171163883&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175490&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2295875
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GirPenLI5K600DA1FZ62ju0VOdctrAEErfuUCe0k33g1FgM1NClyrAcFrrVy9fIYUyKEKS9sYep%2Fj3jONatObZnlidSw0Y9ecZPkyyJ%2BxmcnEhzinBx1wAZptcNSFTXtpmW2z5aRPLK2ZCde"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e7b12607eaa5c26-FRA
expires: Mon, 17 Jul 2023 14:52:55 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame CEBD 91 KB
91 KB 55ms
36ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=1594f18d3f544ea7a429e1fbc406df5f%2F3076366945171163883&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175490&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1368034
cf-polished: origSize=105738, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 92686
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4mtYvnd27U9FY0KCPywzCEHfb3nP5Eh2DSjnYbRyYhR9xI1Utsi9R4okutjYokeD1Fr3euihBo33Wihfz%2FxqzhLOEEZP0MPehEGgSw%2F0gnmGeJRGzqL%2B9EKSJbSuuA2SxE67aOYUTcp2EC4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e7b12607ea25c26-FRA
expires: Mon, 17 Jul 2023 14:52:55 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame CEBD 2 KB
3 KB 75ms
56ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=1594f18d3f544ea7a429e1fbc406df5f%2F3076366945171163883&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175490&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2176509
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8sO8UVWYlxdg8U3VrkUcZHGxTzt4Wk5LDkgJgrVbtV%2Bs72hPgM1gGJNmrkUwrBo8vyTPxK8hZ5Z53R9y8h2i%2Fl8j6FjQIUvWVPKjQrmIRPHAa%2B1%2FmTNGS1wT%2Fh7i9OWGXF%2BLYKRvBOtl2%2Bm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e7b12608ec35c26-FRA
expires: Mon, 17 Jul 2023 14:52:55 GMT

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame CEBD 253 KB
254 KB 58ms
39ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=1594f18d3f544ea7a429e1fbc406df5f%2F3076366945171163883&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175490&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43780
cf-polished: origFmt=png, origSize=431531
alt-svc: h3=":443"; ma=86400
content-length: 259252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Jun 2023 10:20:07 GMT
server: cloudflare
etag: "16f7fe8ce7119ba0f513f8179ecb2d3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpFjEhxUAGLxDRi7Gnf5aaXVMygvgaGi3JFjYXOiWypmPnVRS0paZdR9csAxQpuaLhj%2Fjai2V6p9im%2FBQPB0KWxxb%2FNOmnkrQStW3IaTm3Ksxrg7E6id4I20Iv5XUHZjezfMNmYFYe8bmTEO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e7b12607eb15c26-FRA
expires: Mon, 17 Jul 2023 14:52:55 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame CEBD 43 B
703 B 190ms
109ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=1594f18d3f544ea7a429e1fbc406df5f%2F3076366945171163883&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175490&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Jul 2023 14:52:55 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame CEBD 36 KB
36 KB 48ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=1594f18d3f544ea7a429e1fbc406df5f%2F3076366945171163883&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175490&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1891234
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czDE0KRpY95gXESr2yEEXbqWaH8JnRQm1DDNntCK5RWFvZGf8OZMmaInQPQRs84027e%2FWNnAFiqp6kTTmJdltyIHNZ%2BiNRapfaO89L8sfl0b787J0DHvabZym6EiCBjQ70FizJVCZOMAw3eb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e7b12607ea45c26-FRA
expires: Mon, 17 Jul 2023 14:52:55 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame CEBD 38 KB
38 KB 57ms
39ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=1594f18d3f544ea7a429e1fbc406df5f%2F3076366945171163883&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175490&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 237733
cf-polished: degrade=85, origSize=133780, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 38661
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cST4s%2Fu8L416eOpeug6XepdO8zD%2FottgkudrqWXsnM113XH9O42reMVOZR9QmaPDxv50T38oDyTvIPJkaLc%2BWNSHzweDqy6h8npjEutFinNA3VzgOSuAF%2BOaKDG27MPsjfvlcu6cx%2FA2jX4W"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7e7b12607ea35c26-FRA
expires: Mon, 17 Jul 2023 14:52:55 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame CEBD 43 B
703 B 207ms
126ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=1594f18d3f544ea7a429e1fbc406df5f%2F3076366945171163883&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175490&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Jul 2023 14:52:55 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame C72C 2 KB
2 KB 232ms
128ms Script
text/html 13.42.188.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jpfqqzd8yrjh4xq9yg2yp0v81380en1nxbb1dpm06n7dy2tnhsmg98ce7wtpjc2v0cpdsqxp5jaq8z47b7v95cfwydjteq8ha90cpv22abmsg9wyhw0ac3c7s7e0bbxnzmx5rwmj3nbnfxw8shbmcvx2kb1bx2ywd9q9ca4pwtyqyx1xqjvn9n0znvk6s4fg3tgaw16rrm545vy450vbpjxrw83sdq2xq7m0sm12ffbdgj75ca5rsq064ycwtp10hag%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=9b5bf41d330787b8662d012918033612%2F7385498229648963024&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.188.208 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-188-208.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: b59be8ab2c5d2964b654d7921550811a6bd8dd55d571cf9c69ecf95f0723bdb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
last-modified: Sun, 16 Jul 2023 14:52:55 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 16 Jul 2023 14:53:55 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame CEBD 2 KB
2 KB 230ms
130ms Script
text/html 13.42.188.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hw1x2zpazpxtfhjpe43kj7zjam2vkwzr8gm6zd6fyact4gx897vmw6p0bhszt1yxmtdj8emsk26feqyw2ps4rp4jc02wdt01b8peaq3p6cvc23z5r3gqq3nhvh777sh5343tpatn47rtmpvde7t7jmqkw4810t3p1b9q8yyb1wm0eeegz6gbmf8by8e3tpj4am8amfzq9ryz7v55bzmqznbmgj1pyxnk66rwp0ydxz3k9afbtstx3vecg2kg50sqmzg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=1594f18d3f544ea7a429e1fbc406df5f%2F3076366945171163883&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175490&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.188.208 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-188-208.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 286548fd32e7d18832362af81a615f2ba62044370d17aafcbbd03d87e518e959

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:52:55 GMT
last-modified: Sun, 16 Jul 2023 14:52:55 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 16 Jul 2023 14:53:55 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3891 42 B
175 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLylT0r5Zz8hojSd48mF1HGlW3Hj0uEWTAwStMCg5pSrYZirjKGUdeKhH30Z_t01ZG6t0I39-4_ZHf6jVTeD_j2GGX&sig=Cg0ArKJSzCgHq_qzAlIlEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2912191614&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689519174619&rpt=220&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6866 42 B
64 B 61ms
60ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfsKjG2ED-WQiRsafb9DLOfVWSx9wKLdH_yCnacDE6sTfwVId71YKZvZePoC_kDsUeqLhlljqlNBzrOAsfGTtz6jHN78NgDXC2Dh6mZaC-6CQW8pYaye-9jtsIobK5RnyxQVYOIprhSgGJ&sai=AMfl-YQkpDrB9KvIUHw00fLuFs_0F-T5dAmm7hMviFkuVfNdsKDi0DPj0GEg2qfogZ__-bLr80wV6oSi5eXQ_A3PcpwQU3hPsPKO3bRZUnGEvtoXJfcfQsWf63JiZLQ&sig=Cg0ArKJSzJ5FKMknzm-KEAE&cid=CAQSOwBpAlJWWHGOU8yVVvXIjfBUMzYS-uO3QStz5ID4-WCVRl5OdqfIs9SpXEwh1BDl0IuO0rYwkBW2VPSSGAE&id=ampim&o=315,341&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=298&tls=1298&g=100&h=100&tt=1298&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.paleohacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jul 2023 14:52:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame C72C 85 KB
31 KB 95ms
26ms Script
text/javascript 108.138.36.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jpfqqzd8yrjh4xq9yg2yp0v81380en1nxbb1dpm06n7dy2tnhsmg98ce7wtpjc2v0cpdsqxp5jaq8z47b7v95cfwydjteq8ha90cpv22abmsg9wyhw0ac3c7s7e0bbxnzmx5rwmj3nbnfxw8shbmcvx2kb1bx2ywd9q9ca4pwtyqyx1xqjvn9n0znvk6s4fg3tgaw16rrm545vy450vbpjxrw83sdq2xq7m0sm12ffbdgj75ca5rsq064ycwtp10hag%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-48.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 11:11:27 GMT
content-encoding: gzip
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 13290
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: eVpoQkKARSioxh8LHhVNX4R6BHSH4RwcSRbdGJjIz0_EsvbLJ40Ozg==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame C72C 15 KB
15 KB 94ms
28ms Image
image/png 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1689519475&Signature=jp0-0JXw4W882fJ4A6yszjKk7AyKxEzoUJBWeV9EIXuY7kl4MPceqg8-2sqYHNnh9--xmMQg3k5fOA8YKOoxTrigjqizQgSnHUjNm5lR28knMppEijeniEoOqGNtnN8czVMx5zGnaFvNZUxlxGtCntQzss~6d24SbBnJTjOqcDf5qNpOd8Bh52o6XqZaUknI7rC~02Yp4uzO3ryuDaZAbz54j9gxFyqYn1Ut4deGxiKQsJwGF893VXabpmZXiGnDe6iW8kzjIR9UQi0y5TmiGFUyOt19yDgBKy9vu4yIBeoSmNXpq9uX~WKjAuXVGAqPUceCSYZXjX4i6jVDjR4UwQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=9b5bf41d330787b8662d012918033612%2F7385498229648963024&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 16 Jul 2023 10:37:57 GMT
via: 1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 44672
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: m7BNq9T2A0orfAGUOGDG0JmO6GudH6pO903_u6Zm_F_kDMcrI6jXqA==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame CEBD 85 KB
31 KB 114ms
47ms Script
text/javascript 108.138.36.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hw1x2zpazpxtfhjpe43kj7zjam2vkwzr8gm6zd6fyact4gx897vmw6p0bhszt1yxmtdj8emsk26feqyw2ps4rp4jc02wdt01b8peaq3p6cvc23z5r3gqq3nhvh777sh5343tpatn47rtmpvde7t7jmqkw4810t3p1b9q8yyb1wm0eeegz6gbmf8by8e3tpj4am8amfzq9ryz7v55bzmqznbmgj1pyxnk66rwp0ydxz3k9afbtstx3vecg2kg50sqmzg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-48.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 11:11:27 GMT
content-encoding: gzip
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 13290
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 0fVRuuaWRc_Im2Mfdmc6n1RYzw7t9LfxDUfBM1MsihaD7uAJ7nlfUQ==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame CEBD 15 KB
15 KB 95ms
31ms Image
image/png 108.138.36.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1689519475&Signature=jp0-0JXw4W882fJ4A6yszjKk7AyKxEzoUJBWeV9EIXuY7kl4MPceqg8-2sqYHNnh9--xmMQg3k5fOA8YKOoxTrigjqizQgSnHUjNm5lR28knMppEijeniEoOqGNtnN8czVMx5zGnaFvNZUxlxGtCntQzss~6d24SbBnJTjOqcDf5qNpOd8Bh52o6XqZaUknI7rC~02Yp4uzO3ryuDaZAbz54j9gxFyqYn1Ut4deGxiKQsJwGF893VXabpmZXiGnDe6iW8kzjIR9UQi0y5TmiGFUyOt19yDgBKy9vu4yIBeoSmNXpq9uX~WKjAuXVGAqPUceCSYZXjX4i6jVDjR4UwQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hw1x2zpazpxtfhjpe43kj7zjam2vkwzr8gm6zd6fyact4gx897vmw6p0bhszt1yxmtdj8emsk26feqyw2ps4rp4jc02wdt01b8peaq3p6cvc23z5r3gqq3nhvh777sh5343tpatn47rtmpvde7t7jmqkw4810t3p1b9q8yyb1wm0eeegz6gbmf8by8e3tpj4am8amfzq9ryz7v55bzmqznbmgj1pyxnk66rwp0ydxz3k9afbtstx3vecg2kg50sqmzg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%252526client%25253Dca-pub-5144389657785565%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 16 Jul 2023 10:37:57 GMT
via: 1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 44672
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: v3fm4mFeAXGL2S2VzjwQZxWzqGr4a88OG2iwzWhFjdaOXLxFT4J-6g==

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
374 B 103ms
41ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1689519177010

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

25.25.190.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://blog.paleohacks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Sun, 16 Jul 2023 14:52:57 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://blog.paleohacks.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame CEBD 16 B
210 B 80ms
78ms Fetch
application/json 3.10.237.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.237.144 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-237-144.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 Jul 2023 14:52:57 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 127ms
34ms Preflight 3.10.237.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.237.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-237-144.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 16 Jul 2023 14:52:57 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame C72C 16 B
210 B 77ms
75ms Fetch
application/json 3.10.237.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.237.144 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-237-144.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 Jul 2023 14:52:57 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 119ms
35ms Preflight 3.10.237.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.237.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-237-144.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 16 Jul 2023 14:52:57 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.paleohacks.com/banana-flour	1969-12-31 23:59:59	Name: phvid Value: 155497422
links.paleohacks-mailing.com/	1970-01-20 13:19:22	Name: _session_id Value: 71e464df5710f65bca70d33e34e38fa4
blog.paleohacks.com/	1970-01-20 13:18:40	Name: session_depth Value: blog.paleohacks.com%3D1%7C726657258%3D1
.paleohacks.com/	1970-01-20 22:54:39	Name: __attentive_id Value: 45aa8b4c2ad54dfe8c2d934b57481140
.paleohacks.com/	1970-01-20 22:54:39	Name: _attn_ Value: eyJ1Ijoie1wiY29cIjoxNjg5NTE5MTcxOTAxLFwidW9cIjoxNjg5NTE5MTcxOTAxLFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjQ1YWE4YjRjMmFkNTRkZmU4YzJkOTM0YjU3NDgxMTQwXCJ9In0=
blog.paleohacks.com/	1970-01-20 22:54:39	Name: __attentive_cco Value: 1689519171902
.paleohacks.com/	1970-01-20 15:28:15	Name: _fbp Value: fb.1.1689519171930.954213528
.paleohacks.com/	1970-01-20 13:20:05	Name: _gid Value: GA1.2.1668827116.1689519172
.paleohacks.com/	1970-01-20 13:18:39	Name: _gat_UA-42752472-1 Value: 1
.paleohacks.com/	1970-01-20 22:04:15	Name: mp_094f94d6c32bfa82583bca2dbfc9eb1a_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A1895f30a986726-07f3e2ecab6aaa-6a335054-1d4c00-1895f30a986726%22%2C%22%24device_id%22%3A%20%221895f30a986726-07f3e2ecab6aaa-6a335054-1d4c00-1895f30a986726%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.paleohacks.com/	1970-01-20 22:54:39	Name: _ga_QMKQQWEFHC Value: GS1.1.1689519172.1.0.1689519172.60.0.0
.paleohacks.com/	1970-01-20 13:18:39	Name: _dc_gtm_UA-81910700-1 Value: 1
.paleohacks.com/	1970-01-20 22:54:39	Name: _ga Value: GA1.2.330719655.1689519172
.paleohacks.com/	1970-01-20 13:20:05	Name: __attentive_dv Value: 1
.blog.paleohacks.com/	1970-01-20 22:04:15	Name: _pin_unauth Value: dWlkPU1tTTBPV1F3TnpVdFpEVmhaUzAwTmpreExXSmpOamN0TXpBNVpqaGlaalF4TkRJNA
.paleohacks.com/	1970-01-20 13:18:40	Name: __attentive_pv Value: 1
.paleohacks.com/	1970-01-20 13:18:40	Name: __attentive_ss_referrer Value: ORGANIC
blog.paleohacks.com/	1970-01-20 14:01:51	Name: ph-popup Value: shown
blog.paleohacks.com/	1970-01-20 14:01:51	Name: advanced_ads_pro_server_info Value: %7B%22vc_cache_reset%22%3A0%7D
.doubleclick.net/	1970-01-20 13:18:42	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:40:15	Name: IDE Value: AHWqTUkhlWkb8MKcB8DlczZEUSAf17_K2piwlhAqGOPiq8Lt5vZsGMp_W-U_p_2obOs
.paleohacks.com/	1970-01-20 22:40:15	Name: __gads Value: ID=7e0e0e869f836227:T=1689519173:RT=1689519173:S=ALNI_MZvAkn7g7oy_eOpM0YYR00GKTDcag
.paleohacks.com/	1970-01-20 22:40:15	Name: __gpi Value: UID=00000c6a32c7b1cb:T=1689519173:RT=1689519173:S=ALNI_MYdDiZDuRmtZva_oX5cmjJ532Qm-g
.blismedia.com/	1970-01-20 22:04:19	Name: b Value: 64B40446ECF09604ED2C1A4EBLIS
.w55c.net/	1970-01-20 22:50:19	Name: wfivefivec Value: 0inUeJMt1Ql37g5
.adfarm1.adition.com/	1970-01-20 15:28:15	Name: UserID1 Value: 7256429598326651026
.adform.net/	1970-01-20 14:03:17	Name: C Value: 1
.ctnsnet.com/	1970-01-20 22:04:15	Name: cid_396a9769790b46eda40ab3e9a5ec4c92 Value: 1
.ctnsnet.com/	1970-01-20 22:04:15	Name: gid_CAESEBt8mZU58KDKlQ-M7F81qOI Value: 1
.turn.com/	1970-01-20 17:37:51	Name: uid Value: 8208392611955373215
.quantserve.com/	1970-01-20 15:28:15	Name: d Value: EAwBCQG9KYEA
.quantserve.com/	1970-01-20 22:48:53	Name: mc Value: 64b40446-e2534-993d6-6a0ac
.w55c.net/	1970-01-20 14:01:51	Name: matchgoogle Value: 5
.de17a.com/	1970-01-20 21:57:03	Name: guid Value: 1.4673154899207674336
.adform.net/	1970-01-20 14:45:03	Name: uid Value: 4667169685547687178
.yahoo.com/	1970-01-20 22:04:36	Name: A3 Value: d=AQABBEcEtGQCEGDePCjvkoAvUTrHoHmGDLsFEgEBAQFVtWS9ZAAAAAAA_eMAAA&S=AQAAAvUd0aR0ajHWR-l3qKMTDGE
.awin1.com/	1970-01-20 13:21:31	Name: awpv20044 Value: 412871\|1689519175\|72b31d71-23e8-11ee-87f6-2265f034cf4c
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 365825:2531885
.awin1.com/	1970-01-20 13:21:31	Name: awpv14702 Value: 412871\|1689519175\|72b20c02-23e8-11ee-b199-223078f3fa88
.tribalfusion.com/	1970-01-20 15:28:15	Name: ANON_ID Value: aonsIHq0I1f9yNy6QwmT4dYBF5NU8wLykurElSjUGBijZbQYGmSktUqwTOsdndCGuxZaZb4HORG6DeGQLTtUTNFYBHL

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.ipify.org/?format=json Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	error	URL: https://03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html".
security	error	URL: https://as.ad4m.at/ad/dr?ed=1jsjtnrh3yr44vstwccmrnm019r3pt13jw9pjsxzzpn32qsypmf8y1n03w4gg8c9vcv5v5nan4tc0rc1x9n5499z3h0yk3qnf5cgbc59p0acbyzvp5t8xfc0em934ph7p007y61r4r0xx5z9m4q5zk5mwxfgvey4fr9baxavm4mw6ej9m2rb4mvewdc79gnqrx36aeqszn7aeq01sbfap6pdnhvz496g8ekgvcm35jfqh3zm0f3act69kfvcswdwjsd8q5r3h6agm8x5q206qja24v02t9ddywc2ejafrf7h8kcdr15zpkysp1hae1vwphv1nv2nynr6mq2rvvvcsb0mf238eb6q8wxrmfmkdpf4en3chvb21xrs139s3f550n2nv1hyp4575kt84mpzaf2z5b0658rjm24t2thkp0cc2wjaqedrkawrgsr75a1jabx7rfpk6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%26client%3Dca-pub-5144389657785565%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1jsvx01jmnzzn0y3fymqyf8cjhj3gqngdr2w4nnhehww24qj6sbmn21zmjhtgf0qn99j6s1wfcypgvmj2wsbkypmhtrt9k4waearjp56jdk7256343t5pkza4tectn5wxbfnnf8jhjxwwy31afz1yhkw2k6zc0bj24tq45wxz2geenjnh394gsfrp1f926v7exjmbthjpsm5n94twz39s5ztjjp8qr6hccvgnk9nc65sdvfd8dxt7yd1v4y6wpxrz9k7yss550wp4ch2s8rkvh1v4w6fha1csx8bzap9hrfasz2v2fs6yztb9ywmz9d0dpas6s9ytxq3hhsg044gk95m8tvzhhxnka6xktfe58chctpcqn4202h54rsace5jwvr8ngns26prvqzqw8m198t1qe0bznwd0vzft5f8zn2h29gkqr29g4fdmyfrxyhmepva4q4zwm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%26client%3Dca-pub-5144389657785565%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=9b5bf41d330787b8662d012918033612%2F7385498229648963024&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175487&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz4wsrvm2mt72bjrc8b311cq9ekae8ym9sjwxxe78ezw3n7g34xzhk2p0gqyk77vf7gwt5wn2jbgy4zns2n86tavrpe7n5e5fxzbb70cktqf08a6pnw4etez2kzkttebw4catatjw5nbvejaphvmk48zh6yjfcdm5d09k6xgny4sgyg2gz7qh7z787kvyzk22b136a3zapxabcfakpanpv6wd85e8jq3rbe0xt4bqpzaa2q0wt7a5vjm8zev4y7nb9bcej4vhaf78v5vdrcreaxwm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_clZRQS0ZPqBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgT5AU_QXFNx_IGLkh4fUhIEShC5kCznDulYi6AaLPXPYbXJ7p4bK7NubHtSEyZfp-QspptZ79eWxfCTGtdPSA99_sCQuBt9xGlmCnuWxtHFTu-keldxQN7Q2YkOSxvL9-6erfA1W7yFOlvTvQC0YrhRSP2OkN01BfQ54rnF2R3_waf9Z75tAcnKx5yb5iOmCNRqJm-uoqBBzx3QlCWysSVDAMp1-J67MAPVsyAWI2YG2sJTWoMoy1zN4xPonti64S7c_I9eXpDEBHz3RUhDCoiPay9w2dpnfrTW1WQTzwlVSg7KBM2noVytl_O88_nS4pLiQqMrmIjev04fOOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v8ZIWRyKOVA_fWR3jk_N-Gw9NwA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=1594f18d3f544ea7a429e1fbc406df5f%2F3076366945171163883&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1689519175490&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knmm9ctsctddr8tam2jggd8mxvsdxw8bw6y8brrf6cf5zr8jp397d6edbzk91gwqpjecsetd3zgsa1ekn1mprphajspgew270wp1868dfzf12f07baw3hnkxjbydmmhrd0qtncjkzrqb435rnf1jwa34q8nda7j715geqjeax7t5nrv2kkqtpdf0dyp7kq3vf5g0d1vbybgrrmat2bjxxrw6nb9danrgc347zvza3sgcm9xb98p3kp3g9f48eq3xk760gp1b9ta0xv2qhmrvkm8vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfHMIRQS0ZPyBEtXImwf5jIyYB5DhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTUxNDQzODk2NTc3ODU1NjXIAQmpAnKZAbhI1rI-4AIAqAMByAMCqgSDAk_Qa-hnjUHJGbJX12ZMgxBQ4HtJmV9p0-Hxk5VMrarXT5bHQ9kjCrpf8a2PBPd0b_ouL5TuJLSoTDtb0V4izkSJJ254iHdjrTBRkJP7btyBVeDzvhmzPAUlpdMpewEy57oHtcb83VcbEY9Lbz6X3VjwgJ6P0QD-wN3sv1N8cZGwNBpb2HP4Eyo0oXcvbMki73F-_170dQL8peUFpCsRFMr-HD4SHMhEiXD2G_IQifqpGJXq47dbrZeDdIVG7AfPaC3iZ4ce8DHQfAUxzA2JfDb0CtIPi0MXXNhON65y7iY8dukQ2iGoomQvIXCDJr9wHTXgr6DdYr4PGMfefZwx90AOIcPgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Y_Ao4I4Lh0sQrYEcsGakhGqMZvA%2526client%253Dca-pub-5144389657785565%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

03b66d9e15c2f33ef45412624a16ce4a.safeframe.googlesyndication.com
178194.tracking.hyros.com
a.tribalfusion.com
ad.turn.com
ad4m.at
adservice.google.com
analytics.webgains.io
api-js.mixpanel.com
api.ipify.org
api.webgains.io
as.ad4m.at
assets.ad4m.at
assets.pinterest.com
blog.paleohacks.com
c1.adform.net
cdn.ampproject.org
cdn.attn.tv
cdn.mxpnl.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
ct.pinterest.com
d5p.de17a.com
dsp.adfarm1.adition.com
events.attentivemobile.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
lg3.media.net
links.paleohacks-mailing.com
log.pinterest.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
paleohacks.attn.tv
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
region1.analytics.google.com
s.pinimg.com
s.tribalfusion.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.blismedia.com
track.mypaleorecipe.com
track.webgains.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
api.ipify.org
104.102.45.165
104.18.43.48
104.237.62.211
108.138.36.48
108.138.36.69
13.42.188.208
142.250.185.66
151.101.128.84
172.64.150.25
18.185.187.94
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.182
23.212.88.20
23.52.120.27
2600:1901:0:76b9::
2600:1901:0:bc29::
2600:9000:211a:9600:1c:9484:cec0:93a1
2606:4700:10::6816:2c
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700::6812:18ad
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::200a
2a00:1450:4001:827::2004
2a00:1450:4001:828::2001
2a00:1450:4001:828::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c07::9a
2a02:26f0:3500:889::1931
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3602:607b:7655:2828:f792
2a06:98c1:3121::3
3.10.237.144
3.33.220.150
34.96.105.8
35.186.193.173
35.190.25.25
35.238.129.105
37.157.4.28
51.89.9.253
54.84.34.30
85.114.159.93
00b2af963104a4dd04e77c1013957d37b0b43c86ba566301e77ab9a3e015280a
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
0128e563cfdd4beabe1edf1488c57094072f85cec6219dd04a3fb2be5d37cf84
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
0380b273ec272e5f5235a704cc3fc8e3cb33e851bfeaef149b0f23a1edaec13f
0501644c966efc9655ef4b023f535f79aa241f23553c6f92f100f68dcc46b04a
064d2dc05ac662f9e8ec62726cbba434290af03442eb5cb2d56305bf65424e6b
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b92224b759081225dad586d2f1b1d236697ba3f84e0fff5041ec8068375f91f
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
101365ad0e2eb2eb542c6137bbd44dc947123d1791d9cbcf29e062ffe6001ef4
138ad24c1e4353936a58692dd720c67bc6e1b43f04e07f6b831413e8e6c16212
1414a599611253b31746e91b77f168573dbb42cc13a705fd72104a7eaca15e93
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
150cbe5c514aa70efcd179127476f4f5451db2ed4d033c0608afabdf9d18ec92
159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182d05c838e393157143b9aa48ae92cb00c8b6442e0a865149444e9f420991d9
18dd8449dd7bd05b1b1a8a1640218993802b7e73a218b75c05acf5c9b47d6082
194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e2bf21ab87ae83d5a2cb0f9ae0373e8eeb2ed0b7fb86ef8b4165a4bd381cf93
1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639
1fe3e117448916f85d44b5f9c9ea1a94db345ffcd5d562243937c8dfcc9d168b
2006a4e95a892724a3a9d4d55e723d4e802b281e23229cf421a237f9c745464f
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
21f25f7bc7b9666cbf2a6dff9d5e82c5f8ca9b60afda6726fa78e8f80ab32f56
23bdea452f4ec5b686ace95399e60903426e9fa7352600c25b040f07c1eef325
2681704b7a1a7233c8030f22511b5598fa4b03ba2c3a19e8689b4c4ec75a080e
2691ff5c69e5cd519b9d3791a0b06f1a4fe885282918b40c07fd346ad99340d7
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
286548fd32e7d18832362af81a615f2ba62044370d17aafcbbd03d87e518e959
2b47e2b5d041b401f4d6dc04b120f9ada18fdd87dc40f2c764879a7c7c5a2f93
2d1a754922199186d43c7e76757eddaeb26e350387294e0f69ac574bc54914f9
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
315c4601aeb913aecb4f659c9a9748bd163bb881867c5f6211578667bcc43cb7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
339a321657ecb6479c45f7cec906302d7674934d0d2c7ae10053c395d866eca1
344d96950041cacaaa662fd937221ead75dbc7d565d7e0ed7bd62e6a65d85c04
3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
371031ea3ba9b3f77be315ed4f9ff0eb671ee31a81a208fdd736663d5e3e406e
3778db145d554b020756d03a8192589071f572fdcb8519ecd5e6121c4abb7807
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
399f3dcaffcd9d5ec6973174a225db858e58fad0ce3509a9380ecb21353d98e2
3af50e45830b03f9df25e4a5eb082b420f750b5ad4711f802ec44a0bfd21ddd6
3e39939fe91bd41a65718a11a214fa9deac666a27742ed1d93847adb8708d571
4461979c309e565bf106090df3dc85cd682a3a1cda3ef04668164902adb32afb
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47e2c3ddb6529e1cf873a9811267ccf290f8614ab847ba2ff25c83dd6a11b8ed
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c
495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4
4c62d51aaf287fa88754ecf89dbca0cd85f151d2562a6f931afd060480b3adc6
508c6c8665bb4da4b211a97cdc3b2e791109204f82265d6af2eb79c51b61e014
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
556517aedb84a402c3ef3d8e7a985fd75c7d8ed4885d89b5eb4e0ff54fc9a2d0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568c36edcccc8be7e3219f747d479ae3dd688c4c165ec5c102aaf768cbbd811e
5785929e6ad36f1b35ea4d96892e6d58864a733446f5ce6d6dfd16c9c82d6212
5aaa8ae246e2f8fa0ceb5bc3a610b33ce3d5bcfefb7b34e774647d6a585b2743
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
5b51d8339e2e6ed036a3564bb0a3a4043b8ef5f772763ff4f4f4b92f54d2ddfb
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d684e9743f8b875b82ced945c978e8c1d9f6fa1ac6f92791b0b4991b5ae4029
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5fcc89ee1dcff30a72b389ba5afdc255829e83db910b0b1f3351af881f83c5ec
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6ae0b0e74edee33dd3e9d91c15b595508fc05e1ced11a15dbe787d0f9862dfc2
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
71eacb00b1b1bf9b89ed907376dbc072a9b31f88cf9b3a0dc3c16b40d42b1a35
72ee83d94662d5c74646c88116b893ed59e98d9ec960433ab0e66f3481517289
735b305aadf14dd683363407e953b1eec091e541f8d6172d459454e40d7074c4
73b749b1f5bc98174ea385921e3f5b1ad518875088115f30c90807560cc202f3
755313ac3cb953d818fd8f3344a3ebf9fd2101223dffa2278b5499e927f9a574
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e
77abf03c0a5a320d7084b12a197eae47c79668686f86ee495d47656a6a063e82
79148d3b353f75f4b122ec75e03dd4470a1878599a5f148123f103cfdae350ec
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
7c2518efba0a997390ac9494a1d92d74a4bb615aec8296f85eb9f2cc0aa940c4
7c4491ff4342be2c096f05e243edd6fb1f26194269a5011adbf8076bf148bf58
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7ecd5f89867c76ac93b8c106fe9ec7740f423decc33f8f3e6b184b894b510519
7ed2cc414480e507b884d3c2faefa876fef943440c9d260933eebaf781ac4d87
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82fb2bfb03e32e45794938d1f65920a5340a725751292245d3de07ee8a8df0a0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83685ec127cc7475c7a3649e73986c90d87d037247409d80423f5caceed4681e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853bca381644d813e309ed7d034c5da6737aec2741dc28f52e5344cd5baf012d
862814ed4e1832a653619dd7e0edbcb8d2313ed56f1e0ba58b9f5cc6dfa4a132
869d3767805b1c7b11b2df755e7cb769ee1b450553d87c374e19cb535a6afd2e
87287076f288a27750d0c3737c4624bd59357c5b638cdf3f27f1763d85cd4a2f
896b044a707a1efded250dc66dee47b0cf24ec64beb0fb3f6a5c9be70c80a539
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5d5ef6607f115fb2745bb10dbbf0866820e13c3a1b90c87a3eddef3758d232
8ea5b0e4254d923189cbdb6dff2da0626a2664168de9f850e154c7fae2407611
8f1bffd218db26600cfcb2c6177358b4f2d65586e38f3e4dc332344beea01a59
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94e38c493dba66c3e909c9d7dbe7046710d29cf933ebe70fb0b0d986018c66d3
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bad17ddbff16df3f3c548506f07972f662831f2847beb1f31115d19178bbcd9
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9c9fe2628c371c8c54d05fa9dd406fc21a6d25f6d0261092e37243205efc639b
9d02f64ee610b067e74b7a42948c410fbc0e438d53f6d8f4e16afc3594d73745
9d6b310f89eaefa96644416c97e17cdee8c59db98a544c6aebe3f287efc900ac
a0a04db7e330c2885c8856fe413ecf639cf4b96b597c25716557306da964c00c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a108be93e8ddf9fce244196e866adde603fb715eafb8632fc36e733dba6edbb1
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a3c230ff5a72ffe0510f19977e0736c7370056def5536e94085875756675ea84
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a691669853d5987d3c9fd7e491566f7ebc3c05cda7b3514920e766a20b903380
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
aa575e81bbad973d7554e7c58ca906b97472bd692566c3e79f27385f08d63ca1
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab25051f14c22e9ac50fa34afd3d1ba5274e45cd6ccdd151a70e8ec696e5d22d
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
ae51a9c8736b2eb82927ccdbdf3dc9db08c7a6b9db0fc2ffb4f4ce00d8af5760
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b3e0e5db2674fb727b63871f299ea9f146ce45e3e3ed0c583f4ffdfb6fafb7ab
b59be8ab2c5d2964b654d7921550811a6bd8dd55d571cf9c69ecf95f0723bdb5
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
b7dfd098effc4b854d5fcf8e7d2e39d0cc0e6a103642f97d724c438e515b9b71
b831509c9907934028f980287d38cbee3b89644e7133c2f4b8b7c5dfca476aed
b99d80835f66e8ccd6d6f6efec14101447ae061febd873c06f0bef9ba50786c5
b9e99ee9233e0d5c4b8cb2eceeee7805cc4a85ca0c5edfc3e1f673eaaf781520
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb2305c3e83d7c86379137d58729c60059847a2dfda83fae01c008582db6a3d5
bc7c89d48f0c4cb341429f9906c10b70c459f6cfe1a8cb965f6607bd0d3805c8
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
c5af66875dcaa4376a37580dec17528f5c1348d104a3a7b949ab7228f942f73c
c6102f07ce192d8f1e61b0a2e449a916e5d4d240dc47ab993fa1b39a5cdbcd84
c6e7fcc13e9fa0b4541bf314c25c54bf91807667df0a57d7cf30a554a7c00cae
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c833f74357d565730d9c30fff3e8fd9a8c3fb0d6ed6a39e0312f42c291977ebd
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cdef9d92aa1c5e9d8e409303f5ee38caceeecf3c1bdbf6e2f7bec8fe273dd596
cfc98d46b8948bdd10ecef95fe6292a8bfabac6782a441f6759b8bf9f5361af4
d0abaeb0eeeaf1c726e8c09d7af34ddfb53bf5810be0ee01a5652e0141bef84a
d51635c7b6e1da07507b989af89fda2b4781981b30c52100149fa5566b59275b
d7104243950b6eff64b0d4d1fa98d354ae07a9605bb31dab31a488c765b32d5c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d81ee232abceed08a665f6490e99721a8c9c89ddcf2ddfc7c1463e463024e0b8
dba5166ad9db9ba648c1032ebbd34dcd0d085b50023b839ef5c68ca1db93a563
dd37e2cd931803994ea8f76c16d3d81aa0aa6d6488a049df19c78a078043c8bb
dd9b87d55605377b0545c4a642642fb1894f7f0b8b126ebab66ea914f9cca5b7
dde3261ae85ead281a4f3120a5c4cee3bc7a1874c284c4a23874af1ada1f08ec
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0943b32c80a724a40de925f3fa31c502829263cf2ebd090d3606cdbd0b32ed6
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c9181e83a24ce8fd1aedc13a573daded27c8677a50cf879fbee552798158be
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
ede43b2ddb8f3b09a9062582da8619e3ade3da54e8e20c089848328488f0530a
eec370d7b4f63ff91eb68db608b448a1cd41412b4b1d4d207d2a0230e6000e7b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef332a5930a8a04b7c50da2d4cfaa58cdc3c9b4ce06e1a9de1d2f0fc982e7fc6
f1999206051534c886e13fb23a24980bf7e3cfd83a388f4cf2c81e3e7d7c03ad
f34b136e79d860a61095e1596b6a8a39b38c73d8bf4449daf6968d90386338c2
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f3cd801c9b21fd2833b20ede142f1ce49b6f04f766ad3eb0a9a95073ca291d87
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fb2032a0b90cb58dc7bae39580e26c34a7b44d3aad4fb088f965e32ae8196822
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

blog.paleohacks.com Open in urlscan Pro 2606:4700:10::6816:2c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

261 Requests

95 %HTTPS

56 %IPv6

42 Domains

59 Subdomains

45 IPs

8 Countries

3436 kBTransfer

8161 kBSize

40 Cookies

34 Outgoing links

Page URL History

Redirected requests

261 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 23 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.paleohacks.com Open in urlscan Pro
2606:4700:10::6816:2c Public Scan

Screenshot
Live screenshot

Full Image

261
Requests

95 %
HTTPS

56 %
IPv6

42
Domains

59
Subdomains

45
IPs

8
Countries

3436 kB
Transfer

8161 kB
Size

40
Cookies

261 HTTP transactions
23 data transactions