paletton.com Open in urlscan Pro
67.20.76.187 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paletton.com/#uid=1000u0kllllaFw0g0qFqFg0w0aF
Effective URL:
http://paletton.com/
Submission: On August 17 via manual (August 17th 2020, 12:59:19 am UTC) from US

Summary HTTP 166 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 50 IPs in 10 countries across 36 domains to perform 166 HTTP transactions. The main IP is 67.20.76.187, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is paletton.com.

This is the only time paletton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	67.20.76.187 67.20.76.187	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::681c:1be7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
3 8	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700:20:... 2606:4700:20::681a:81b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE)
11	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE)
4	13.226.146.86 13.226.146.86	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81d::2014	15169 (GOOGLE) (GOOGLE)
1	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
4	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.242.228.34 34.242.228.34	16509 (AMAZON-02) (AMAZON-02)
2	213.19.147.210 213.19.147.210	26120 (RHYTHMONE) (RHYTHMONE)
3	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
8	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
8	52.44.109.214 52.44.109.214	14618 (AMAZON-AES) (AMAZON-AES)
7 11	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
6	35.158.189.107 35.158.189.107	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	129.146.196.240 129.146.196.240	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 2	52.95.124.170 52.95.124.170	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
4	67.202.110.24 67.202.110.24	32748 (STEADFAST) (STEADFAST)
1	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.57.10.248 52.57.10.248	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	52.17.253.7 52.17.253.7	16509 (AMAZON-02) (AMAZON-02)
1	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-) (VCLK-EU-)
166	50

27 67.20.76.187 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: host2027.hostmonster.com

paletton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::681c:1be7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adapex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.228.123 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.210.248.44 (Netherlands) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:81b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mrb.upapi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.146.86 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-146-86.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajaxhttpheaders.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f230.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.161.190 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.241 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.242.228.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-228-34.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.44.109.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-109-214.compute-1.amazonaws.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States) 7 redirects

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.158.189.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

backend.upapi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 129.146.196.240 (United States)

ASN31898 (ORACLE-BMC-31898, US)

api-public-oci-origin.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.124.170 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5d03b48982630f9f1bfcf5487d9befe8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.202.110.24 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.10.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-10-248.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.253.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-253-7.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Sweden)

ASN41041 (VCLK-EU-, SE)

aol-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	paletton.com paletton.com	407 KB
21	googlesyndication.com pagead2.googlesyndication.com 5d03b48982630f9f1bfcf5487d9befe8.safeframe.googlesyndication.com tpc.googlesyndication.com	518 KB
16	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net	121 KB
13	advertising.com 7 redirects adserver-us.adtech.advertising.com pixel.advertising.com	8 KB
12	33across.com ssc.33across.com ssc-cms.33across.com	5 KB
9	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	16 KB
9	adnxs.com prebid.adnxs.com ib.adnxs.com acdn.adnxs.com	8 KB
9	addthis.com 3 redirects s7.addthis.com m.addthis.com api-public.addthis.com api-public-oci-origin.addthis.com	192 KB
8	ampproject.org cdn.ampproject.org	342 KB
6	sharethrough.com btlr.sharethrough.com	660 B
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	32 KB
5	google.com adservice.google.com www.google.com	168 B
3	districtm.io dmx.districtm.io cdn.districtm.io	613 B
3	upapi.net 1 redirects mrb.upapi.net backend.upapi.net	226 KB
2	facebook.com graph.facebook.com	2 KB
2	casalemedia.com as-sec.casalemedia.com	2 KB
2	1rx.io tag.1rx.io	536 B
2	yieldmo.com ads.yieldmo.com	702 B
2	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	paypalobjects.com www.paypalobjects.com	1 KB
2	googleapis.com ajax.googleapis.com	59 KB
2	cookielaw.org cdn.cookielaw.org	20 KB
1	dotomi.com aol-match.dotomi.com	104 B
1	adform.net c1.adform.net	188 B
1	adsrvr.org match.adsrvr.org	264 B
1	quantserve.com 1 redirects pixel.quantserve.com	505 B
1	googletagservices.com www.googletagservices.com	26 KB
1	ad-delivery.net ad-delivery.net	627 B
1	appspot.com ajaxhttpheaders.appspot.com
1	addthisedge.com v1.addthisedge.com	674 B
1	moatads.com z.moatads.com	1 KB
1	google.de adservice.google.de	168 B
1	googletagmanager.com www.googletagmanager.com	26 KB
1	adapex.io cdn.adapex.io	98 KB
0	jquery.com Failed code.jquery.com Failed
166	36

	Domain	Requested by
27	paletton.com	paletton.com ajax.googleapis.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net paletton.com cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
11	adserver-us.adtech.advertising.com	7 redirects paletton.com
11	securepubads.g.doubleclick.net	cdn.adapex.io securepubads.g.doubleclick.net paletton.com
9	pagead2.googlesyndication.com	paletton.com pagead2.googlesyndication.com
8	cdn.ampproject.org	securepubads.g.doubleclick.net
8	ssc.33across.com	cdn.adapex.io
8	fastlane.rubiconproject.com	cdn.adapex.io
6	btlr.sharethrough.com	cdn.adapex.io
4	ssc-cms.33across.com	cdn.adapex.io
4	www.google.com	paletton.com
4	ib.adnxs.com	cdn.adapex.io
4	c.amazon-adsystem.com	cdn.adapex.io c.amazon-adsystem.com
4	s7.addthis.com	1 redirects paletton.com s7.addthis.com
3	prebid.adnxs.com	cdn.adapex.io
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	pixel.advertising.com	paletton.com
2	acdn.adnxs.com	cdn.adapex.io
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	api-public-oci-origin.addthis.com	paletton.com
2	api-public.addthis.com	2 redirects
2	graph.facebook.com	s7.addthis.com
2	as-sec.casalemedia.com	cdn.adapex.io
2	dmx.districtm.io	cdn.adapex.io
2	tag.1rx.io	cdn.adapex.io
2	ads.yieldmo.com	cdn.adapex.io
2	www.google-analytics.com	paletton.com
2	mrb.upapi.net	1 redirects paletton.com
2	www.paypalobjects.com	paletton.com
2	ajax.googleapis.com	paletton.com
2	cdn.cookielaw.org	paletton.com cdn.cookielaw.org
1	aol-match.dotomi.com	paletton.com
1	c1.adform.net	paletton.com
1	match.adsrvr.org	paletton.com
1	pixel.quantserve.com	1 redirects
1	cdn.districtm.io	cdn.adapex.io
1	eus.rubiconproject.com	cdn.adapex.io
1	5d03b48982630f9f1bfcf5487d9befe8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	backend.upapi.net	mrb.upapi.net
1	stats.g.doubleclick.net	paletton.com
1	mug.criteo.com	paletton.com
1	gum.criteo.com	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	ad-delivery.net	paletton.com
1	ad.doubleclick.net	paletton.com
1	ajaxhttpheaders.appspot.com	ajax.googleapis.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.googletagmanager.com	paletton.com
1	cdn.adapex.io	paletton.com
0	code.jquery.com Failed	cdn.cookielaw.org
166	54

This site contains links to these domains. Also see Links.

Domain
pixy.cz

Subject Issuer	Validity	Valid
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.yieldmo.com Amazon	`2020-06-23` - `2021-07-23`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.sharethrough.com Amazon	`2019-10-07` - `2020-11-07`	a year	crt.sh
*.upapi.net Let's Encrypt Authority X3	`2020-07-17` - `2020-10-15`	3 months	crt.sh
*.addthis.com DigiCert SHA2 Secure Server CA	`2019-02-04` - `2021-02-03`	2 years	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2020-08-08` - `2020-11-03`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh

This page contains 21 frames:

Primary Page: http://paletton.com/
Frame ID: 406F59E9840D066DF82DE7A8A9515FE0
Requests: 113 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200810/r20190131/zrt_lookup.html
Frame ID: 84C1EE2A53CF76045BEEB61B449027C2
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 3D9393EF3166CE712668A5B14915C76E
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: A70AEA67A6815E1F0E4EB5A7B65E77DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3730271461974795&output=html&h=15&slotname=3692792068&adk=945085698&adf=2671766170&w=728&lmt=1596098076&psa=0&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&flash=0&wgl=1&adsid=NT&dt=1597625922411&bpp=15&bdt=889&idt=152&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3400906340283&frm=20&pv=2&ga_vid=173610426.1597625923&ga_sid=1597625923&ga_hid=1391014161&ga_fc=0&iag=0&icsg=584182647328&dssz=32&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=391&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066124%2C21066435%2C21066897%2C21066706&oid=3&pvsid=4261934358425384&pem=446&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=5A8ApjxXru&p=http%3A//paletton.com&dtd=173
Frame ID: 0253A6463EFB48C667F036464D2F0AAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3730271461974795&output=html&adk=1812271804&adf=3025194257&lmt=1596098076&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1597625922466&bpp=6&bdt=945&idt=132&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=3692792068&nras=1&correlator=3400906340283&frm=20&pv=1&ga_vid=173610426.1597625923&ga_sid=1597625923&ga_hid=1391014161&ga_fc=0&iag=0&icsg=563534136068640&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066124%2C21066435%2C21066897%2C21066706&oid=3&pvsid=4261934358425384&pem=446&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=138
Frame ID: EBA09A207C51FCFFF6565DF3B53AE0FB
Requests: 1 HTTP requests in this frame

Frame: http://paletton.com/preview/default.html
Frame ID: 18408EA08598E2DD7EA5D27C56D1E928
Requests: 6 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_r1u_cnv&dcc=t
Frame ID: EA9169CEBC3F90E66A7CCDD8A71CBAB3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js
Frame ID: BD895B3BAB5A1892AC3E1A35D55F2C82
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js
Frame ID: 6DC40200740EA3B9F81501FA6FFC6F18
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js
Frame ID: 813D7F50AB5AC7D7A45CDAF0A8975718
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js
Frame ID: 11E34350A32C5DCAD699699596CDC4BE
Requests: 9 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a-jbSKipCr6QqaaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 287A9E621FD6FD79BE3C36C2EA2091B9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 96F5B566D6CF8B281ABD396514F48F19
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 3E5CD735C0450424EA9BCB105C0251BA
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bhKz3KipCr6QqaaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: BD04FEF738346CA57047EB023B4E81C7
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a1qoh-ipCr6QqaaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: FE38CE9CC6A48786CFEA8581F6A1584A
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a5OAvyipCr6QqaaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 6299C7C0114BEF6B124E0BBFBFC96ABB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F47405DECF67D2BF896774E6ADB56D7F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A246729FD13FA5BCC86DD9332807679E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: B64A29E4A628BED8533B011C9D8E0DFC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

166
Requests

73 %
HTTPS

49 %
IPv6

36
Domains

54
Subdomains

50
IPs

10
Countries

2129 kB
Transfer

5421 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://pixy.cz/index-en.html
Title: Petr Stan�cek

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 14

http://mrb.upapi.net/code?w=5684516622434304&uponit=true HTTP 301
https://mrb.upapi.net/code?w=5684516622434304&uponit=true

Request Chain 29

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 44

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fpaletton.com%2F&domain=paletton.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=p5xKFHxOazV6RHh2UG00T1Q5R05VMW9VQzlUUEpIZWIvbEM4M0NvSk1WM1dNcmFYQmNrMVd5aW9VUENqaFNteG4xNWNHZFVXK3lHMXZZVkNoT0dPSml6ZjhZakIyTGh2WFVhTlJoUThWa1JYSkJMbjFvbTh4T09kSDNzQzgzUWNmN0ovNTFkWEZhRFY5Q3RvNnZ5bjNLY0YyemJNN0pNMm1CVFNCSkFvYWFLUWhmREljL1A3Vk9YV2NocFZLNmdNcFk2azN2SnZqYzhtVUNMcG41akhRTTBRNlVBYk5HeGtGZVljMHdLci9XL3NZTnV3PXw&cppv=2

Request Chain 60

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=7535fcfbc446928;misc=1597625922723;bidfloor=0.01; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;cfp=1;rndc=1597625922;v=2;cmd=bid;cors=yes;alias=7535fcfbc446928;misc=1597625922723;bidfloor=0.01

Request Chain 61

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=76a333e101ca245;misc=1597625922724;bidfloor=0.01; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;cfp=1;rndc=1597625922;v=2;cmd=bid;cors=yes;alias=76a333e101ca245;misc=1597625922724;bidfloor=0.01 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;apid=1Acbb30602-e024-11ea-a472-12a779b12fd4;cfp=1;rndc=1597625922;v=2;cmd=bid;cors=yes;alias=76a333e101ca245;misc=1597625922724;bidfloor=0.01

Request Chain 75

http://www.google-analytics.com/collect?v=1&_v=j83&a=1391014161&t=pageview&_s=1&dl=http%3A%2F%2Fpaletton.com%2F&dp=%2Fview%2Fdefault&ul=en-us&de=UTF-8&dt=App%20(default)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KChAgAAB~&jid=745361690&gjid=2044219109&cid=173610426.1597625923&tid=UA-51179325-1&_gid=583099613.1597625923&cd1=en&cd2=mono&cd3=&z=116963196 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j83&a=1391014161&t=pageview&_s=1&dl=http%3A%2F%2Fpaletton.com%2F&dp=%2Fview%2Fdefault&ul=en-us&de=UTF-8&dt=App%20(default)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KChAgAAB~&jid=745361690&gjid=2044219109&cid=173610426.1597625923&tid=UA-51179325-1&_gid=583099613.1597625923&cd1=en&cd2=mono&cd3=&z=116963196

Request Chain 81

http://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&callback=_ate.cbs.rcb_3g6h0 HTTP 308
https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&callback=_ate.cbs.rcb_3g6h0

Request Chain 83

http://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&callback=_ate.cbs.rcb_8wz60 HTTP 308
https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&callback=_ate.cbs.rcb_8wz60

Request Chain 84

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_r1u_cnv HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_r1u_cnv&dcc=t

Request Chain 139

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=G2JlHUoyY0cDMGBCGzZ7Qk81ZEADYDdGS2elaMN4

Request Chain 162

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=160592fbe42833ed;misc=1597625953724;bidfloor=0.01; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;cfp=1;rndc=1597625953;v=2;cmd=bid;cors=yes;alias=160592fbe42833ed;misc=1597625953724;bidfloor=0.01 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;apid=1Ade26006e-e024-11ea-926d-126f1f1ee25e;cfp=1;rndc=1597625953;v=2;cmd=bid;cors=yes;alias=160592fbe42833ed;misc=1597625953724;bidfloor=0.01

Request Chain 163

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=161ff554758d0df4;misc=1597625953724;bidfloor=0.01; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;cfp=1;rndc=1597625953;v=2;cmd=bid;cors=yes;alias=161ff554758d0df4;misc=1597625953724;bidfloor=0.01 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;apid=1Ade274c76-e024-11ea-a01a-12121b825df6;cfp=1;rndc=1597625953;v=2;cmd=bid;cors=yes;alias=161ff554758d0df4;misc=1597625953724;bidfloor=0.01

166 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
paletton.com/ 16 KB
7 KB 435ms
391ms Document
text/html 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 8cd8b4160067bbd2cb67c6c7cba5901e4d31f67b17675cb66eecaa0efce1653c

Request headers

Host: paletton.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:41 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 30 Jul 2020 08:34:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6501
Keep-Alive: timeout=5, max=75
Content-Type: text/html

GET
H/1.1 200
OK jquery-ui-1.10.4.custom.css
paletton.com/css/jqui/ 31 KB
8 KB 210ms
208ms Stylesheet
text/css 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/css/jqui/jquery-ui-1.10.4.custom.css
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 9275fc6aca0d205550d5dac655167f97ab867ac8d9daf3d809168a0cb1367e95

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 13:12:03 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 7455

GET
H/1.1 200
OK default2.css
paletton.com/css/css/ 40 KB
10 KB 398ms
371ms Stylesheet
text/css 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/css/css/default2.css?v=20180422-2
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: c32ccacaeb3ee7154cef4c903713481b2b857d2405fa81fdc9c3db63fe8cad0c

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 13:11:58 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Cache-Control: max-age=3600, public, must-revalidate
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=75
Content-Length: 9435

GET
H2 200 0bd03cd2-b6e9-46b6-8759-aa6e795985d6.js Show response
cdn.cookielaw.org/consent/ 58 KB
14 KB 31ms
15ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/0bd03cd2-b6e9-46b6-8759-aa6e795985d6.js

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73d7ea3d0a15f6d653a23bc31e35d81c6d75cb99cf2cc77ec3eeaa6907066044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Aug 2020 00:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: aRcU9MjsWVJzLd4DRoTEXg==
age: 419
x-cache: HIT
status: 200
vary: Accept-Encoding
content-length: 13918
cf-request-id: 049b860807000005dcd1806200000001
x-ms-lease-status: unlocked
last-modified: Wed, 15 May 2019 16:25:11 GMT
server: cloudflare
etag: 0x8D6D951E74E7626
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4decb9d0-901e-017e-2b80-67017c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5c3f72b9a8b905dc-FRA
expires: Sat, 01 Aug 2020 03:23:59 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ 82 KB
29 KB 14ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 11 Aug 2020 01:37:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Age: 516081
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29478
X-XSS-Protection: 0
Expires: Wed, 11 Aug 2021 01:37:20 GMT

GET
H/1.1 200
OK jquery-ui-1.10.4.custom.min.js Show response
paletton.com/js/lib/ 223 KB
80 KB 394ms
368ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/js/lib/jquery-ui-1.10.4.custom.min.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 9a21963af0fc87d11e1deac7b030915e75fddf4378d2fa2eb55b8d6f6f453b44

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 13:12:28 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Cache-Control: max-age=3600, public, must-revalidate
Transfer-Encoding: chunked
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=75

GET
H/1.1 200
OK jquery.observehashchange.js Show response
paletton.com/js/lib/ 3 KB
2 KB 397ms
370ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/js/lib/jquery.observehashchange.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: a7fb846925485c1510f4e2aabb7d00e0e61cac8da30d5026ad73fcfec7a62351

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 13:12:28 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Cache-Control: max-age=3600, public, must-revalidate
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=75
Content-Length: 1190

GET
H/1.1 200
OK jquery.cookie.js Show response
paletton.com/js/lib/ 3 KB
2 KB 373ms
347ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/js/lib/jquery.cookie.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 13:12:28 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Cache-Control: max-age=3600, public, must-revalidate
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=75
Content-Length: 1425

GET
H/1.1 200
OK en.js Show response
paletton.com/js/lang/ 12 KB
4 KB 403ms
377ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/js/lang/en.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 39b8196df8565826ec39b8d848e26405d874f03ffe238ccfa8f253594f3393dc

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 13:12:27 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Cache-Control: max-age=3600, public, must-revalidate
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=75
Content-Length: 3867

GET
H/1.1 200
OK require.js Show response
paletton.com/js/lib/ 13 KB
7 KB 431ms
222ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/js/lib/require.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: dcdcd0277e3c5f2c9c4e7109b03ca071a9778bf73d147cbaac01af65d494fb3c

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 13:12:29 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 6723

GET
H/1.1 200
OK aaw.plt-2.js Show response
cdn.adapex.io/hb/ 330 KB
98 KB 46ms
16ms Script
application/javascript 2606:4700:3036::681c:1be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::681c:1be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c31bd367f92010873c7c3a3bf486017a905c8985c74f3a90073f35e0fda77f58

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 61594
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 049b860a7b0000dfbbedbc0200000001
Last-Modified: Fri, 07 Aug 2020 06:50:48 GMT
Server: cloudflare
ETag: W/"5f2cf9c8-5291c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
CF-RAY: 5c3f72bd9b88dfbb-FRA
Expires: Mon, 17 Aug 2020 07:42:23 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 124 KB
44 KB 25ms
19ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3ec2cd8be237a81965e17c0bbc842514d45b0b491cc22316bf60904e93d82e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 17 Aug 2020 00:58:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 5282756978700322978
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 44552
X-XSS-Protection: 0
Expires: Mon, 17 Aug 2020 00:58:42 GMT

GET
H2 200 btn_donate_SM.gif
www.paypalobjects.com/en_US/i/btn/ 578 B
780 B 191ms
57ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donate_SM.gif

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

ee2af3678bf56d72d7f5aabb08dbe7284d1531b1f8c4578b6e899a65d0dc900c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 14 Jun 2020 05:34:53 GMT
server: Akamai Image Manager
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
cache-control: private, max-age=1744582
content-length: 578
expires: Sun, 06 Sep 2020 05:35:04 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 43 B
250 B 168ms
56ms Image
image/gif 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:42 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 May 2020 01:21:33 GMT
server: Akamai Image Manager
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
cache-control: private, no-transform, max-age=43200
content-length: 43
expires: Mon, 17 Aug 2020 12:58:42 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

50ms
50ms

Script
application/javascript

23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
date: Mon, 17 Aug 2020 00:58:42 GMT
x-host: s7.addthis.com
content-length: 116324

Redirect headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H2

200

code Show response
mrb.upapi.net/
Redirect Chain

http://mrb.upapi.net/code?w=5684516622434304&uponit=true
https://mrb.upapi.net/code?w=5684516622434304&uponit=true

698 KB
225 KB

58ms
43ms

Script
application/javascript

2606:4700:20::681a:81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrb.upapi.net/code?w=5684516622434304&uponit=true
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e35a94e34ceef5b27ac32ce4eb7bc9caeb8880368c5763cccc324964ca6244a

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:42 GMT
via: 1.1 google
cf-cache-status: HIT
age: 75
status: 200
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 049b860b6a00001f395a1b7200000001
server: cloudflare
etag: W/"f4b0a03e693df231fa4c4a4f94587adf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
cf-ray: 5c3f72bf198c1f39-FRA

Redirect headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://mrb.upapi.net/code?w=5684516622434304&uponit=true
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5c3f72be4ec83244-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 049b860aeb000032441598b200000001
Expires: Mon, 17 Aug 2020 01:58:42 GMT

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/4.9.0/default_flat_bottom_two_button_black/v2/css/ 23 KB
6 KB 19ms
18ms Stylesheet
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/skins/4.9.0/default_flat_bottom_two_button_black/v2/css/optanon.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/0bd03cd2-b6e9-46b6-8759-aa6e795985d6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bd0bc4edd5e4b256b9c40ce082680ad16a78ac5faf4d3337d39cf9605518bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Aug 2020 00:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jzLE25vmrDR3ZmMxTSa8+w==
age: 5312
x-cache: HIT
status: 200
vary: Accept-Encoding
content-length: 5556
cf-request-id: 049b86098c000005dcd181b200000001
x-ms-lease-status: unlocked
last-modified: Thu, 19 Sep 2019 20:24:30 GMT
server: cloudflare
etag: 0x8D73D3F60459E1C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: af0d855c-901e-00bd-2d7e-67ce6a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5c3f72bc1c2b05dc-FRA
expires: Sat, 01 Aug 2020 03:24:00 GMT

GET jquery-3.3.1.min.js
code.jquery.com/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 67 KB
26 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQW4RL7

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9dff1eaf6ad348461c9cf6c69d849ff0ceff7de5d250ba3df07f7a7e601c3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:42 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26750
x-xss-protection: 0
last-modified: Mon, 17 Aug 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Aug 2020 00:58:42 GMT

GET
H/1.1 200
OK app.compiled.js Show response
paletton.com/js/ 120 KB
43 KB 205ms
204ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/js/app.compiled.js
Requested by: Host: paletton.com
URL: http://paletton.com/js/lib/require.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 3177a76aadf4fe5c7ee7fba5823116009ca3bfd09a18671788aceb2d8ce46395

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 13:12:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600, public, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74

GET
H/1.1 200
OK noise.png
paletton.com/img/ 40 KB
41 KB 223ms
222ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/noise.png
Requested by: Host: paletton.com
URL: http://paletton.com/css/css/default2.css?v=20180422-2
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: c138155605cc246182faa0e74f267845732eff694ba80165b50e2a8f8e8cd8a3

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Last-Modified: Wed, 17 Jun 2020 13:12:15 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 41339

GET
H/1.1 200
OK bg-header.png
paletton.com/img/ 262 B
557 B 208ms
207ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/bg-header.png
Requested by: Host: paletton.com
URL: http://paletton.com/css/css/default2.css?v=20180422-2
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: c2b27caef0bf2dfca09290ec03af3d78a112724a6884d34c7b4a7350dc843f3e

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Last-Modified: Wed, 17 Jun 2020 13:12:13 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 262

GET
H/1.1 200
OK sprites.png
paletton.com/img/ 21 KB
21 KB 203ms
202ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/sprites.png
Requested by: Host: paletton.com
URL: http://paletton.com/css/css/default2.css?v=20180422-2
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 9e4e025c7f5a11e3c38a0a628d90e86f5abe8bedd33474cc56eecbbd531d41ad

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Last-Modified: Wed, 17 Jun 2020 13:12:18 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 21448

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
19 KB 142ms
50ms Script
text/javascript 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

8cbcb968ea965e08c041941e1d70761e77f555e3b6c2ba707f3cb84067301ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "604 / 877 of 1000 / last-modified: 1597443003"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18807
x-xss-protection: 0
expires: Mon, 17 Aug 2020 00:58:42 GMT

GET
H/1.1 200
OK apstag.js Show response
c.amazon-adsystem.com/aax2/ 104 KB
27 KB 119ms
93ms Script
application/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:52:10 GMT
Content-Encoding: gzip
Connection: keep-alive
Server: Server
Age: 393
ETag: 455f576a29240d2cfe83996aefcdb576
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
Cache-Control: public, max-age=900
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: ibK0G1OgSXNYPhfyB4rWVr8GUBvroKnRQb5K1hRIb7hf-8zxI1bv6Q==

GET
H/1.1 200
OK loader.gif
paletton.com/img/ 7 KB
8 KB 200ms
200ms Image
image/gif 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/loader.gif
Requested by: Host: paletton.com
URL: http://paletton.com/css/css/default2.css?v=20180422-2
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 5f527ad94f536aea3fd9f50b3401e7e5a677f4cf4bc7fc40d3cd01d5e73e3d0a

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Last-Modified: Wed, 17 Jun 2020 13:12:15 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 7389

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paletton.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Aug 2020 00:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paletton.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Aug 2020 00:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/ 224 KB
84 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2157177c0f88c0ed5fd3b39d2ea42b21e73bf6e32b597704cb4d46ecf7e8c828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 85957
x-xss-protection: 0
server: cafe
etag: 1127264767404182965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Aug 2020 00:58:42 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200810/r20190131/ Frame 84C1 0
0 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200810/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200810/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 10 Aug 2020 23:54:36 GMT
expires: Mon, 24 Aug 2020 23:54:36 GMT
content-type: text/html; charset=UTF-8
etag: 1003971328536524430
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4617
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 522246
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

45 KB
18 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 6182
date: Sun, 16 Aug 2020 23:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 17 Aug 2020 01:15:40 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 52ms
49ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:42 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=7823
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4fcbb0414b3d9e9d/ 1 KB
674 B 231ms
230ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4fcbb0414b3d9e9d/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3451f26a836acb1af177f2cbebba4570190e41943f59fbdc5d360f3d33628286

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:42 GMT
content-encoding: gzip
etag: 1756799755--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 498

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 222ms
222ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5f39d642aa1ee610&bkl=0&bl=1&pdt=980&sid=5f39d642aa1ee610&pub=ra-4fcbb0414b3d9e9d&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=paletton.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=color%2Cscheme%2Cwheel%2Ccolor%20wheel%2Ctheory%2Ccolor%20theory%2Ccolorwheel%2Cdesign%2Cdesigner%2Cpalette%2Ccolorize%2Ccolorset%2CRYB%2CRGB%2Cweb%2Ccolors%2Cwebcolors%2Csafecolors%2Cblind%2Cblindness%2Csimulation%2Cprotanopy%2Cprotanopia&colc=1597625922482&jsl=1&uvs=5f39d6424e73ab25000&skipb=1&callback=addthis.cbs.jsonp__67307544149335620
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cdbb7f56bfd584fb0a664ed9a895521e4c1746ee61fae1f6fd642408b36514e1

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 17 Aug 2020 00:58:42 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 3D93 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame A70A 0
0 69ms
69ms Document
text/html 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Mon, 17 Aug 2020 00:58:42 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 503
Service Unavailable /
ajaxhttpheaders.appspot.com/ 0
0 121ms
115ms Script
text/html 2a00:1450:4001:81d::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://ajaxhttpheaders.appspot.com/?callback=jQuery21006759336627275863_1597625921939&_=1597625921940
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81d::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Server: Google Frontend
Content-Length: 91
Content-Type: text/html

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
470 B 149ms
49ms Image
image/x-icon 172.217.21.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f230.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 16 Aug 2020 16:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31304
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 17 Aug 2020 16:16:58 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
627 B 32ms
17ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.007763845397825708
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:42 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 2785
x-cache: Hit from cloudfront
status: 200
content-type: image/gif
content-length: 43
cf-request-id: 049b860bf300001f295e0da200000001
last-modified: Thu, 27 Jul 2017 18:59:05 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 5c3f72bfe9b91f29-FRA
x-amz-cf-id: zx5or2QQz0UItFDMtwaIOBc4eiC9w6ElSPb05w8jTHIHaP1qWucf7A==

GET
H/2+Q/46 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0253 0
0 143ms
129ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3730271461974795&output=html&h=15&slotname=3692792068&adk=945085698&adf=2671766170&w=728&lmt=1596098076&psa=0&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&flash=0&wgl=1&adsid=NT&dt=1597625922411&bpp=15&bdt=889&idt=152&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3400906340283&frm=20&pv=2&ga_vid=173610426.1597625923&ga_sid=1597625923&ga_hid=1391014161&ga_fc=0&iag=0&icsg=584182647328&dssz=32&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=391&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066124%2C21066435%2C21066897%2C21066706&oid=3&pvsid=4261934358425384&pem=446&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=5A8ApjxXru&p=http%3A//paletton.com&dtd=173

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3730271461974795&output=html&h=15&slotname=3692792068&adk=945085698&adf=2671766170&w=728&lmt=1596098076&psa=0&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&flash=0&wgl=1&adsid=NT&dt=1597625922411&bpp=15&bdt=889&idt=152&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3400906340283&frm=20&pv=2&ga_vid=173610426.1597625923&ga_sid=1597625923&ga_hid=1391014161&ga_fc=0&iag=0&icsg=584182647328&dssz=32&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=391&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066124%2C21066435%2C21066897%2C21066706&oid=3&pvsid=4261934358425384&pem=446&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=5A8ApjxXru&p=http%3A//paletton.com&dtd=173
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 17 Aug 2020 00:58:42 GMT
server: cafe
content-length: 5657
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-Aug-2020 01:13:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 Aug 2020 00:58:42 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 71 KB
26 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c2e8cc6bb34d90c88a96d20554236a69f0e8f82fd2c3d311eca6e604615a363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1597280563698695"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
expires: Mon, 17 Aug 2020 00:58:42 GMT

GET
H/2+Q/46 200 ads
googleads.g.doubleclick.net/pagead/ Frame EBA0 0
0 58ms
58ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3730271461974795&output=html&adk=1812271804&adf=3025194257&lmt=1596098076&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1597625922466&bpp=6&bdt=945&idt=132&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=3692792068&nras=1&correlator=3400906340283&frm=20&pv=1&ga_vid=173610426.1597625923&ga_sid=1597625923&ga_hid=1391014161&ga_fc=0&iag=0&icsg=563534136068640&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066124%2C21066435%2C21066897%2C21066706&oid=3&pvsid=4261934358425384&pem=446&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=138

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3730271461974795&output=html&adk=1812271804&adf=3025194257&lmt=1596098076&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1597625922466&bpp=6&bdt=945&idt=132&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=3692792068&nras=1&correlator=3400906340283&frm=20&pv=1&ga_vid=173610426.1597625923&ga_sid=1597625923&ga_hid=1391014161&ga_fc=0&iag=0&icsg=563534136068640&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559%2C21066124%2C21066435%2C21066897%2C21066706&oid=3&pvsid=4261934358425384&pem=446&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=138
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 17 Aug 2020 00:58:42 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-Aug-2020 01:13:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 Aug 2020 00:58:42 GMT
cache-control: private

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 113ms
88ms XHR
application/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 07:32:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 62775
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Tue, 23 Jun 2020 10:10:39 GMT
Server: AmazonS3
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: q4opBTXdsQw8_wYc9nMdhg9QZvShURY3bdYuA3DRatOCLfbPruyTiA==

GET
H/2+Q/46 200 pubads_impl_2020080501.js Show response
securepubads.g.doubleclick.net/gpt/ 262 KB
92 KB 115ms
61ms Script
text/javascript 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

2a7a5100d1b04b40f49ec3661a2ce57d3af5acbd35497cd946e87912a6c9e021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 05 Aug 2020 08:42:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94052
x-xss-protection: 0
expires: Mon, 17 Aug 2020 00:58:42 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 113 B
498 B 335ms
217ms XHR
text/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&pid=5B6mlOyG5884Q&cb=0&ws=1600x1200&v=7.53.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21794835430%2FPALET_1_970v%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F21794835430%2FPALET_2_120X654_Left%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21794835430%2FPALET_1_300v%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21794835430%2FPALET_2_970v%22%7D%5D&pubid=aae5fce7-148c-42d1-b4a2-3be1a1ffbd25&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 7933729e0deac5e5ecfecd8696e52e4fad1af99a23df047644d8bd54ad53daf2

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:42 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: DUS51-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 124
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
x-amz-cf-id: Fmj46k5X4PL4p-L0g574QLNxG102iz9oHkaRTU8cKONw3rPjJ-SwGg==

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fpaletton.com%2F&domain=paletton.com&cw=1
https://mug.criteo.com/sid?cpp=p5xKFHxOazV6RHh2UG00T1Q5R05VMW9VQzlUUEpIZWIvbEM4M0NvSk1WM1dNcmFYQmNrMVd5aW9VUENqaFNteG4xNWNHZFVXK3lHMXZZVkNoT0dPSml6ZjhZakIyTGh2WFVhTlJoUThWa1JYSkJMbjFvbTh4T09kSDNzQz...

372 B
665 B

183ms
61ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=p5xKFHxOazV6RHh2UG00T1Q5R05VMW9VQzlUUEpIZWIvbEM4M0NvSk1WM1dNcmFYQmNrMVd5aW9VUENqaFNteG4xNWNHZFVXK3lHMXZZVkNoT0dPSml6ZjhZakIyTGh2WFVhTlJoUThWa1JYSkJMbjFvbTh4T09kSDNzQzgzUWNmN0ovNTFkWEZhRFY5Q3RvNnZ5bjNLY0YyemJNN0pNMm1CVFNCSkFvYWFLUWhmREljL1A3Vk9YV2NocFZLNmdNcFk2azN2SnZqYzhtVUNMcG41akhRTTBRNlVBYk5HeGtGZVljMHdLci9XL3NZTnV3PXw&cppv=2

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f04ce93c5edb2e0cb2d8419225e4d2e1fc76ac6195f9c6958f8f44811b1eb1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 17 Aug 2020 00:58:42 GMT
status: 200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1564
content-length: 372
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
status: 302
date: Mon, 17 Aug 2020 00:58:42 GMT
location: https://mug.criteo.com/sid?cpp=p5xKFHxOazV6RHh2UG00T1Q5R05VMW9VQzlUUEpIZWIvbEM4M0NvSk1WM1dNcmFYQmNrMVd5aW9VUENqaFNteG4xNWNHZFVXK3lHMXZZVkNoT0dPSml6ZjhZakIyTGh2WFVhTlJoUThWa1JYSkJMbjFvbTh4T09kSDNzQzgzUWNmN0ovNTFkWEZhRFY5Q3RvNnZ5bjNLY0YyemJNN0pNMm1CVFNCSkFvYWFLUWhmREljL1A3Vk9YV2NocFZLNmdNcFk2azN2SnZqYzhtVUNMcG41akhRTTBRNlVBYk5HeGtGZVljMHdLci9XL3NZTnV3PXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: http://paletton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1699
content-length: 482
expires: 0

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 296 B
652 B 250ms
139ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.13.10 /
Resource Hash: 838e8849e28c2ad9a08816be6d9d284f9f585bbb62b75c1f74c3b4954d5a474e

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:58:42 GMT
Content-Encoding: gzip
Server: nginx/1.13.10
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 464 B
1 KB 156ms
60ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

20a2fef6535c671d61a50aae613094bbc16a0e0261d3e9ae33262798be1457da

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:58:42 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.41:80
AN-X-Request-Uuid: 01ffe394-c8c7-4d06-b18a-8a963b5fb9cd
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 464
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
351 B 201ms
70ms XHR
text/plain 34.242.228.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?p=%5B%7B%22placement_id%22%3A%2212008366-45b3-4d74-9eed-985d7d8c3a99%22%2C%22callback_id%22%3A%22325a723f4e3e157%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222353779532734866045%22%2C%22bidFloor%22%3A0.01%7D%2C%7B%22placement_id%22%3A%22f8a0bd64-5e33-4e58-85e1-4ae1619879fd%22%2C%22callback_id%22%3A%22335516f9f90c087%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222353779532835529342%22%2C%22bidFloor%22%3A0.01%7D%2C%7B%22placement_id%22%3A%22f7526483-1b04-4a3d-90ef-dd8ab5d145e9%22%2C%22callback_id%22%3A%223459cf94ad56ab7%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222353779532642591356%22%2C%22bidFloor%22%3A0.01%7D%2C%7B%22placement_id%22%3A%22ddc51020-a7dd-4cea-bb59-d4bc650a2eb6%22%2C%22callback_id%22%3A%2235c0a84398e2516%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222353779533003301504%22%2C%22bidFloor%22%3A0.01%7D%5D&page_url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&bust=1597625922703&pr=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&scrd=1&dnt=false&e=0&description=In%20love%20with%20colors%2C%20since%202002.%20A%20designer%20tool%20for%20creating%20color%20combinations%20that%20work%20together%20well.%20Formerly%20known%20as%20Color%20Scheme%20Designer.%20Use%20the%20color%20wheel%20to%20create%20great%20color%20palettes.&title=Paletton%20-%20The%20Color%20Scheme%20Designer&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=2d4fb90c-0ad3-43de-8890-f097396cbdb4&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s79%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.228.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-228-34.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:58:42 GMT
status: 204
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-request-headers: Cache-Control, Pragma

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/78930/0/ 0
268 B 207ms
56ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/78930/0/mvo?z=1r&hbv=3.26,2.1
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://paletton.com
Pragma: no-cache
Date: Mon, 17 Aug 2020 00:58:42 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
423 B 172ms
57ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Aug 2020 00:58:42 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true
cf-ray: 5c3f72c1ddcf9c09-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 049b860d2900009c09be138200000001

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 496 B
1 KB 162ms
67ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

27ff7ba3bedcc63bea7c0da0b709cbbd73fb356696ca294ada4045182be52c8b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:58:42 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.80:80
AN-X-Request-Uuid: 026a94a0-8a8e-449e-871e-dfb012d81b66
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 496
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
985 B 243ms
135ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=337263&v=7.2&r=%7B%22id%22%3A%2251ca612f4417e9e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22529a598d279924f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337263%22%2C%22sid%22%3A%22728x90%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2253c3210b263302f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337263%22%2C%22sid%22%3A%22970x90%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22548a0cbba6e8225%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337265%22%2C%22sid%22%3A%22160x600%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225551105e307b94%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337267%22%2C%22sid%22%3A%22300x250%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22563bbd5bc143a79%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337264%22%2C%22sid%22%3A%22728x90%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22574f64684b92b1c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337264%22%2C%22sid%22%3A%22970x90%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s79%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 920f93ffa03bf6bc02da499e4698fd28b97acf38b63ef57429de6a6cff873ffa

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:58:42 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Mon, 17 Aug 2020 00:58:42 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 262 B
2 KB 256ms
114ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=209282&zone_id=1029704&size_id=55&alt_size_ids=117&rp_schain=1.0,1!adapex.io,s79,1,,,&rf=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&tk_flint=pbjs_lite_v3.26.0&x_source.tid=f6aa42cc-8f7f-4ef2-9cd7-8d2352b643d0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.640483986969631
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ce132944e0795471833105b78b52ad891c5b239ce74cda31be232fbdfbbb30e6

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:58:42 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 262
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 251ms
109ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=209282&zone_id=1029708&size_id=9&rp_schain=1.0,1!adapex.io,s79,1,,,&rf=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&tk_flint=pbjs_lite_v3.26.0&x_source.tid=6949a5ad-40ed-49df-9ffc-3cbf3be9472b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3225192304145732
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: dc422a7171f398a453cfe1de84003ee589fe0e7371db41e8c95b954db5b4c20a

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:58:42 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 3 KB
3 KB 257ms
116ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=209282&zone_id=1113722&size_id=15&rp_schain=1.0,1!adapex.io,s79,1,,,&rf=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&tk_flint=pbjs_lite_v3.26.0&x_source.tid=7d082a4b-352f-459f-a086-bc7ebc4490e9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7576561200328642
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0231264c406dd6161cd30ce55291449962a191eefd1069e8ab65a09bfea56d71

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:58:42 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 1457
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 262 B
2 KB 258ms
117ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=209282&zone_id=1029706&size_id=55&alt_size_ids=117&rp_schain=1.0,1!adapex.io,s79,1,,,&rf=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&tk_flint=pbjs_lite_v3.26.0&x_source.tid=7f682db3-b72c-47b8-a177-c5f80a7daf32&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.08657986172885135
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 899fd48b4c04a77b990189c421b5c6bade73123ba480a31d0aadcce4a5e8fa43

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:58:42 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 262
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
627 B 406ms
136ms XHR
application/json 52.44.109.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.109.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-109-214.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 08a87c858f232bb558f8aff50b81b5bb85ad50e7a5ffa70dff0ca72a08760221

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Aug 2020 00:58:43 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
636 B 407ms
137ms XHR
application/json 52.44.109.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.109.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-109-214.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 945eb280e0ea53f496c8f44e5d8ff9e6b89caf045846d31dbc9d103188a4c829

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Aug 2020 00:58:43 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
629 B 406ms
137ms XHR
application/json 52.44.109.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.109.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-109-214.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: b9f9a63dce6e1978e51a4d8ca4d27330228ada97fbfd686a1749f00078898bb4

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Aug 2020 00:58:43 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
636 B 407ms
138ms XHR
application/json 52.44.109.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.109.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-109-214.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 582266676eeeb9fa8fa159c085cc3e96b9ee2674f2c6b51abfd31118794e823b

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Aug 2020 00:58:43 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true

GET
H2

200

ADTECH;cfp=1;rndc=1597625922;v=2;cmd=bid;cors=yes;alias=7535fcfbc446928;misc=1597625922723;bidfloor=0.01 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=7535fcfbc446928;misc=1597625922723;bidfloor=0.01;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;cfp=1;rndc=1597625922;v=2;cmd=bid;cors=yes;alias=7535fcfbc446928;misc=1597625922723;bidfloor=0.01

1 KB
2 KB

137ms
137ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;cfp=1;rndc=1597625922;v=2;cmd=bid;cors=yes;alias=7535fcfbc446928;misc=1597625922723;bidfloor=0.01
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 00937aa0673a32309e417179ca32ac012b38e33ee27d37377a8984e98353bdae

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:58:43 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 1468
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:58:43 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;cfp=1;rndc=1597625922;v=2;cmd=bid;cors=yes;alias=7535fcfbc446928;misc=1597625922723;bidfloor=0.01
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1Acbb30602-e024-11ea-a472-12a779b12fd4;cfp=1;rndc=1597625922;v=2;cmd=bid;cors=yes;alias=76a333e101ca245;misc=1597625922724;bidfloor=0.01 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=76a333e101ca245;misc=1597625922724;bidfloor=0.01;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;cfp=1;rndc=1597625922;v=2;cmd=bid;cors=yes;alias=76a333e101ca245;misc=1597625922724;bidfloor=0.01
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;apid=1Acbb30602-e024-11ea-a472-12a779b12fd4;cfp=1;rndc=1597625922;v=2;cmd=bid;cors=yes;alias=76a333e101ca245;misc=15...

1 KB
2 KB

146ms
146ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;apid=1Acbb30602-e024-11ea-a472-12a779b12fd4;cfp=1;rndc=1597625922;v=2;cmd=bid;cors=yes;alias=76a333e101ca245;misc=1597625922724;bidfloor=0.01
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: c2aed5bf8194c37ebd1a16c093e0a301596aa978e9f43716baaaa519dd539c19

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:58:43 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 1468
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:58:42 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;apid=1Acbb30602-e024-11ea-a472-12a779b12fd4;cfp=1;rndc=1597625922;v=2;cmd=bid;cors=yes;alias=76a333e101ca245;misc=1597625922724;bidfloor=0.01
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
110 B 171ms
56ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=tN4Arb9GkMNhhgit8KqovNUg&bidId=7205deeeb8b07df&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s79%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 17 Aug 2020 00:58:42 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://paletton.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
110 B 172ms
57ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=mhQWFcHAvF3LzUEVgPqfJEio&bidId=732f39787d3cc4a&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s79%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 17 Aug 2020 00:58:42 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://paletton.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
110 B 170ms
57ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=gCdAjVCTGnETBTUUg7Eztsya&bidId=74941d5f7df5b98&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s79%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 17 Aug 2020 00:58:42 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://paletton.com
vary: Origin

GET
H/1.1 200
OK bg-pane.png
paletton.com/img/ 351 B
646 B 206ms
206ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/bg-pane.png
Requested by: Host: paletton.com
URL: http://paletton.com/css/css/default2.css?v=20180422-2
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 03a81e8d1eb1ade2a13d541d80ef1919d56b30e7839773c26f6ab84928ba06be

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Last-Modified: Wed, 17 Jun 2020 13:12:13 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 351

GET
H/1.1 200
OK ui-bg_flat_0_282828_40x100.png
paletton.com/css/jqui/images/ 230 B
525 B 197ms
197ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/css/jqui/images/ui-bg_flat_0_282828_40x100.png
Requested by: Host: paletton.com
URL: http://paletton.com/css/jqui/jquery-ui-1.10.4.custom.css
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 2a11c3cacfbded7041489b3c0e3656c809c54ea434ba85f0b5b1c3a814238632

Request headers

Referer: http://paletton.com/css/jqui/jquery-ui-1.10.4.custom.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Last-Modified: Wed, 17 Jun 2020 13:12:00 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 230

GET
H/1.1 200
OK ui-bg_glass_0_303030_1x400.png
paletton.com/css/jqui/images/ 207 B
502 B 200ms
199ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/css/jqui/images/ui-bg_glass_0_303030_1x400.png
Requested by: Host: paletton.com
URL: http://paletton.com/css/jqui/jquery-ui-1.10.4.custom.css
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 39067599e3398209915689830a0ae6562c493905b2ba52e4e4f51e62d7f69f13

Request headers

Referer: http://paletton.com/css/jqui/jquery-ui-1.10.4.custom.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Last-Modified: Wed, 17 Jun 2020 13:12:01 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 207

GET
H/1.1 200
OK wheel_1.png
paletton.com/img/ 19 KB
20 KB 196ms
195ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/wheel_1.png
Requested by: Host: paletton.com
URL: http://paletton.com/css/css/default2.css?v=20180422-2
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: f0450e0d9069c0dc6ca8ae95f039f5e804fd7677abb488539a501c75a2937452

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Last-Modified: Wed, 17 Jun 2020 13:12:19 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 19680

GET
H/1.1 200
OK wheel_2.png
paletton.com/img/ 18 KB
18 KB 210ms
209ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/wheel_2.png
Requested by: Host: paletton.com
URL: http://paletton.com/css/css/default2.css?v=20180422-2
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 6679c20efcce098f1228e4cedf3021692f0b284115b040dda592bd0173ff8739

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Last-Modified: Wed, 17 Jun 2020 13:12:19 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 18313

GET
H/1.1 200
OK wheel_3.png
paletton.com/img/ 20 KB
20 KB 198ms
197ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/wheel_3.png
Requested by: Host: paletton.com
URL: http://paletton.com/css/css/default2.css?v=20180422-2
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 3e83640841db25203191361f884ae3396f0ca41611d61c83e7b7f8ecbbff59ba

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:42 GMT
Last-Modified: Wed, 17 Jun 2020 13:12:20 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 20045

GET
H/1.1 200
OK wheel_4.png
paletton.com/img/ 18 KB
18 KB 427ms
241ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/wheel_4.png
Requested by: Host: paletton.com
URL: http://paletton.com/css/css/default2.css?v=20180422-2
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: cadb948cbbfeee8fce2ae36727c6fabc3fdd55ff4fc10998553a1b8e2e72a963

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:43 GMT
Last-Modified: Wed, 17 Jun 2020 13:12:20 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 18489

GET
H/1.1 200
OK wheel-over.png
paletton.com/img/ 7 KB
7 KB 395ms
201ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/wheel-over.png
Requested by: Host: paletton.com
URL: http://paletton.com/css/css/default2.css?v=20180422-2
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: c5dc61f3b52dd55dd71e5e57efbf5e2d9273654abc821aa419043f054d9e6b66

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:43 GMT
Last-Modified: Wed, 17 Jun 2020 13:12:19 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 7324

GET
H/1.1 200
OK default.html Show response
paletton.com/preview/ Frame 1840 3 KB
1 KB 368ms
209ms Document
text/html 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/preview/default.html
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: ce339d9a4b54d3059f621cfe4e76235aa61312b6e28895a02b409ce2493b7f03

Request headers

Host: paletton.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://paletton.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: OptanonConsent=landingPath=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&datestamp=Mon+Aug+17+2020+02%3A58%3A41+GMT%2B0200+(Central+European+Summer+Time)&version=4.9.0; _uc_referrer=direct; _aaw_sesdepth=1; __atuvc=1%7C34; __atuvs=5f39d6424e73ab25000; testcookie=1; _ga=GA1.2.173610426.1597625923; _gid=GA1.2.583099613.1597625923; _pubcid=2d4fb90c-0ad3-43de-8890-f097396cbdb4; Paletton=%7B%22LNG%22%3A%22en%22%2C%22PRV%22%3A%22def%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

Date: Mon, 17 Aug 2020 00:58:43 GMT
Server: Apache
Last-Modified: Wed, 17 Jun 2020 13:12:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 776
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK eye.png
paletton.com/img/ 373 B
668 B 225ms
225ms Image
image/png 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://paletton.com/img/eye.png
Requested by: Host: paletton.com
URL: http://paletton.com/css/css/default2.css?v=20180422-2
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: b591532ea43780c27ee2f59079c4ad5f0389197b204c6ce269c8591db9681cdd

Request headers

Referer: http://paletton.com/css/css/default2.css?v=20180422-2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:43 GMT
Last-Modified: Wed, 17 Jun 2020 13:12:14 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 373

GET
H/2+Q/46

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j83&a=1391014161&t=pageview&_s=1&dl=http%3A%2F%2Fpaletton.com%2F&dp=%2Fview%2Fdefault&ul=en-us&de=UTF-8&dt=App%20(default)&sd=24-bit&sr=1600x1200&vp=1...
https://www.google-analytics.com/collect?v=1&_v=j83&a=1391014161&t=pageview&_s=1&dl=http%3A%2F%2Fpaletton.com%2F&dp=%2Fview%2Fdefault&ul=en-us&de=UTF-8&dt=App%20(default)&sd=24-bit&sr=1600x1200&vp=...

35 B
372 B

35ms
22ms

Image
image/gif

2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=1391014161&t=pageview&_s=1&dl=http%3A%2F%2Fpaletton.com%2F&dp=%2Fview%2Fdefault&ul=en-us&de=UTF-8&dt=App%20(default)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KChAgAAB~&jid=745361690&gjid=2044219109&cid=173610426.1597625923&tid=UA-51179325-1&_gid=583099613.1597625923&cd1=en&cd2=mono&cd3=&z=116963196

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Aug 2020 16:34:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 462277
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j83&a=1391014161&t=pageview&_s=1&dl=http%3A%2F%2Fpaletton.com%2F&dp=%2Fview%2Fdefault&ul=en-us&de=UTF-8&dt=App%20(default)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KChAgAAB~&jid=745361690&gjid=2044219109&cid=173610426.1597625923&tid=UA-51179325-1&_gid=583099613.1597625923&cd1=en&cd2=mono&cd3=&z=116963196
Non-Authoritative-Reason: HSTS

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
99 B 15ms
15ms Image
image/gif 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-51179325-1&cid=173610426.1597625923&jid=745361690&gjid=2044219109&_gid=583099613.1597625923&_u=KChAgAAB~&z=2056926301

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 17 Aug 2020 00:58:42 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pv Show response
backend.upapi.net/ 0
105 B 307ms
215ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://backend.upapi.net/pv?pid=ETZmHGSY&br=chrome&sid=Xyyp6ngW&w=5684516622434304&cv=9942206c-v2&r=false&upapi=true
Requested by: Host: mrb.upapi.net
URL: http://mrb.upapi.net/code?w=5684516622434304&uponit=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 17 Aug 2020 00:58:43 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: http://paletton.com
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 layers.33f5b85045a5f2308467.js Show response
s7.addthis.com/static/ 263 KB
76 KB 54ms
54ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.33f5b85045a5f2308467.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Mon, 17 Aug 2020 00:58:42 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77540

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
415 B 38ms
38ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ovlp&adf=2671766170&client=ca-pub-3730271461974795&eid=42530557%2C42530559%2C21066124%2C21066435%2C21066897%2C21066706&et=2&io=0&saldr=aa&oa=0.00&qid=COml6KyEoesCFaiCgwcdsnYHKg&roa=0&slot=3692792068&sp=0%2C0&tgt=ins%2Faswift_0_expand.0&tr=391%2C245%2C1119%2C260&url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&vp=1600x1200

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:58:42 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
graph.facebook.com/ 255 B
869 B 107ms
101ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: http://graph.facebook.com/?id=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_2sim0
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Server: 2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: bd8a930a5868e8b086559bfe13457258962d2d5b05401c934e0a935b2b2f2e09

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:43 GMT
Content-Encoding: gzip
x-fb-rev: 1002522797
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 198
Pragma: no-cache
X-FB-Debug: VChi+RveYDC0UMOw1NPAZ1MiKvpl6jYqAFePTBd/5dpBtz3WLTdUuGuP/LlD6Ot92CMEQ+ETKb6wDyog7OP+iA==
x-fb-trace-id: GWPjF04COo5
ETag: "7df802e0c05716ffe6537a4e9c718633e7c277f1"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
x-fb-request-id: ABOZl-kQtWRzQSOeQPJaw-U
Cache-Control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.1
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

shares.json Show response
api-public-oci-origin.addthis.com/url/
Redirect Chain

http://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&callback=_ate.cbs.rcb_3g6h0
https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&callback=_ate.cbs.rcb_3g6h0

35 B
311 B

570ms
189ms

Script
application/json

129.146.196.240
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&callback=_ate.cbs.rcb_3g6h0

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.146.196.240 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

bf1e7c6855f974e3ada0142d5d936635e1fcd36489ab33337502a435dfcf4b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:43 GMT
surrogate-key: paletton.com/#uid=1000u0kllllafw0g0qfqfg0w0af
last-modified: Mon, 17 Aug 2020 00:58:43 GMT
server: nginx/1.15.8
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 35

Redirect headers

Location: https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&callback=_ate.cbs.rcb_3g6h0
Date: Mon, 17 Aug 2020 00:58:43 GMT
Server: nginx/1.15.8
Connection: keep-alive
Content-Length: 171
Content-Type: text/html

GET
H/1.1 200
OK / Show response
graph.facebook.com/ 255 B
869 B 105ms
99ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: http://graph.facebook.com/?id=https%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_75xv0
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Server: 2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cfcca9088357c8e1dd7736e665bb6dbe5ddcfa56dc2f80351566688ee0d7e8bf

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:43 GMT
Content-Encoding: gzip
x-fb-rev: 1002522797
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 198
Pragma: no-cache
X-FB-Debug: 2CPLxEU6ofTLyf52D/LQ9PsC+Tg92MIRkYFS1JRSXxmmhTaNPF7PXn4YxyUL2MIKE3WFM8lucd5F0ZQzdNTbNw==
x-fb-trace-id: CEk4u4gHxdA
ETag: "01792d311a8db37b00381ea5eb118735f09f5e95"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
x-fb-request-id: AaCXG1pDS75HG-VU9x_9tAn
Cache-Control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.1
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

shares.json Show response
api-public-oci-origin.addthis.com/url/
Redirect Chain

http://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&callback=_ate.cbs.rcb_8wz60
https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&callback=_ate.cbs.rcb_8wz60

35 B
312 B

563ms
189ms

Script
application/json

129.146.196.240
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&callback=_ate.cbs.rcb_8wz60

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.146.196.240 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

2b165d80858704d9fdc67f2b05fa5ab701c254203c9f9b8bd4f1fd695cf0c47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:43 GMT
surrogate-key: paletton.com/#uid=1000u0kllllafw0g0qfqfg0w0af
last-modified: Mon, 17 Aug 2020 00:58:43 GMT
server: nginx/1.15.8
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 35

Redirect headers

Location: https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&callback=_ate.cbs.rcb_8wz60
Date: Mon, 17 Aug 2020 00:58:43 GMT
Server: nginx/1.15.8
Connection: keep-alive
Content-Length: 171
Content-Type: text/html

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame EA91
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_r1u_cnv
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_r1u_cnv&dcc=t

0
0

215ms
215ms

Document
text/html

52.95.124.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_r1u_cnv&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=AwAfFPDppU4YjBqiznBrHcY|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

Server: Server
Date: Mon, 17 Aug 2020 00:58:43 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 189
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=AwAfFPDppU4YjBqiznBrHcY; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 00:58:43 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Oct-2025 00:58:43 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Mon, 17 Aug 2020 00:58:43 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_r1u_cnv&dcc=t
Set-Cookie: ad-id=AwAfFPDppU4YjBqiznBrHcY|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 00:58:43 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H/1.1 200
OK jquery-ui-1.10.4.custom.css
paletton.com/css/jqui/ Frame 1840 31 KB
8 KB 213ms
211ms Stylesheet
text/css 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/css/jqui/jquery-ui-1.10.4.custom.css
Requested by: Host: paletton.com
URL: http://paletton.com/preview/default.html
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 9275fc6aca0d205550d5dac655167f97ab867ac8d9daf3d809168a0cb1367e95

Request headers

Referer: http://paletton.com/preview/default.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 13:12:03 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=69
Content-Length: 7455

GET
H/1.1 200
OK common.css
paletton.com/preview/ Frame 1840 183 B
476 B 211ms
210ms Stylesheet
text/css 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/preview/common.css
Requested by: Host: paletton.com
URL: http://paletton.com/preview/default.html
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 0044309d787293331cf7c18367115d0126a51f6a4107ea8479fcef7c4c091f58

Request headers

Referer: http://paletton.com/preview/default.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 13:12:31 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 135

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ Frame 1840 82 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js

Requested by

Host: paletton.com
URL: http://paletton.com/preview/default.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/preview/default.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 11 Aug 2020 01:37:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Age: 516083
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29478
X-XSS-Protection: 0
Expires: Wed, 11 Aug 2021 01:37:20 GMT

GET
H/1.1 200
OK jquery-ui-1.10.4.custom.min.js Show response
paletton.com/js/lib/ Frame 1840 223 KB
80 KB 213ms
212ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/js/lib/jquery-ui-1.10.4.custom.min.js
Requested by: Host: paletton.com
URL: http://paletton.com/preview/default.html
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: 9a21963af0fc87d11e1deac7b030915e75fddf4378d2fa2eb55b8d6f6f453b44

Request headers

Referer: http://paletton.com/preview/default.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 13:12:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600, public, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73

GET
H/1.1 200
OK init.js Show response
paletton.com/preview/ Frame 1840 692 B
736 B 211ms
200ms Script
application/javascript 67.20.76.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://paletton.com/preview/init.js
Requested by: Host: paletton.com
URL: http://paletton.com/preview/default.html
Protocol: HTTP/1.1
Server: 67.20.76.187 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: host2027.hostmonster.com
Software: Apache /
Resource Hash: ee821f0f1edcccad109280a2ae9279957f8373d81b612421c3a263f280de5444

Request headers

Referer: http://paletton.com/preview/default.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 17 Aug 2020 00:58:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 13:12:31 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600, public, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 381

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 71 KB
9 KB 198ms
197ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4261934358425384&correlator=3155996305387938&output=ldjh&impl=fifs&adsid=NT&eid=21064368%2C21066904%2C21066942%2C21066706&vrg=2020080501&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200817&iu_parts=21794835430%2CPALET_1_970v%2CPALET_2_120X654_Left%2CPALET_1_300v%2CPALET_2_970v&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x90%2C160x600%7C120x600%7C120x240%7C120x654%2C320x50%7C300x250%7C336x280%2C728x90%7C970x90&fluid=0%2C0%2Cheight%2C0&prev_scp=refreshIteration%3D0%26refresh_count%3D0%26amznbid%3D2%26amznp%3D2%7CrefreshIteration%3D0%26refresh_count%3D0%26amznbid%3D2%26amznp%3D2%7CrefreshIteration%3D0%26refresh_count%3D0%26amznbid%3D2%26amznp%3D2%7CrefreshIteration%3D0%26refresh_count%3D0%26amznbid%3D2%26amznp%3D2&cust_params=wrapversion%3D3%26browserLangCode%3DEN-US%26sesDepth%3D1%26referrer%3D_none&cookie_enabled=1&bc=23&abxe=1&lmt=1596098076&dt=1597625923265&dlt=1597625921522&idt=1339&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1295%2C-31%2C325&adys=10%2C125%2C125%2C825&adks=2114342894%2C350028081%2C1258262368%2C197962113&ucis=1%7C2%7C3%7C4&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&dssz=37&icsg=2254136544274976&std=0&vis=1&scr_x=0&scr_y=0&psz=1600x25%7C160x600%7C300x250%7C950x25&msz=1600x90%7C160x600%7C300x250%7C950x90&ga_vid=173610426.1597625923&ga_sid=1597625923&ga_hid=1391014161&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ca2d0c4d487935644c340668acaef4b71796c8f0eee76ff10c9018210a591130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:58:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8941
x-xss-protection: 0
google-lineitem-id: 5384431172,5384431172,5384431172,5384431172
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138312805781,138312821814,138316219596,138312821268
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://paletton.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5d03b48982630f9f1bfcf5487d9befe8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 75ms
40ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5d03b48982630f9f1bfcf5487d9befe8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/2+Q/46 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
12ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js
Protocol: HTTP/2+QUIC/46
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007302351000/ Frame BD89 206 KB
57 KB 70ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ff86e6a3bc683739e7190e4efaff20bbafe0d89c99c42c1b17163ef5203968

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72645
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57393
x-xss-protection: 0
server: sffe
date: Sun, 16 Aug 2020 04:47:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6c9ea7f49fde3b6d"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Aug 2021 04:47:58 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame BD89 96 KB
29 KB 178ms
148ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41f07eced66e12809bec654b0a18677a78a7814525dcb6b99934d0b4bcecfc4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72666
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29738
x-xss-protection: 0
server: sffe
date: Sun, 16 Aug 2020 04:47:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c56a9dc6dcfd844b"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Aug 2021 04:47:37 GMT

GET
DATA 200
OK truncated
/ Frame BD89 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c034c5449892b757578f47372b8ad2abe92493e887ba51bc95c109a7f7c596d8

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007302351000/ Frame 6DC4 206 KB
56 KB 294ms
268ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ff86e6a3bc683739e7190e4efaff20bbafe0d89c99c42c1b17163ef5203968

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72645
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57393
x-xss-protection: 0
server: sffe
date: Sun, 16 Aug 2020 04:47:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6c9ea7f49fde3b6d"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Aug 2021 04:47:58 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 6DC4 96 KB
29 KB 141ms
116ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41f07eced66e12809bec654b0a18677a78a7814525dcb6b99934d0b4bcecfc4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72666
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29738
x-xss-protection: 0
server: sffe
date: Sun, 16 Aug 2020 04:47:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c56a9dc6dcfd844b"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Aug 2021 04:47:37 GMT

GET
DATA 200
OK truncated
/ Frame 6DC4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e40983eaca84dd50a52b671ac07b067ac7db19050d974f5fc1ca4a9f6c83b5cd

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007302351000/ Frame 813D 206 KB
56 KB 251ms
230ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ff86e6a3bc683739e7190e4efaff20bbafe0d89c99c42c1b17163ef5203968

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72645
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57393
x-xss-protection: 0
server: sffe
date: Sun, 16 Aug 2020 04:47:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6c9ea7f49fde3b6d"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Aug 2021 04:47:58 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 813D 96 KB
29 KB 120ms
98ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41f07eced66e12809bec654b0a18677a78a7814525dcb6b99934d0b4bcecfc4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72666
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29738
x-xss-protection: 0
server: sffe
date: Sun, 16 Aug 2020 04:47:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c56a9dc6dcfd844b"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Aug 2021 04:47:37 GMT

GET
DATA 200
OK truncated
/ Frame 813D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1f1815258088d6bc670cc7a918b8674537233fd3e191f99a526f8b932ed63cf

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/2+Q/46 200 4140793793443590375
tpc.googlesyndication.com/simgad/ Frame BD89 45 KB
45 KB 9ms
6ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4140793793443590375

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1824bab1e2782d1b99ade3f9635c5aa4a06fd6aa15c77614cfd57ae19234494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 18:35:47 GMT
x-content-type-options: nosniff
age: 541376
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46204
x-xss-protection: 0
last-modified: Fri, 29 May 2020 08:13:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Aug 2021 18:35:47 GMT

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame BD89 0
21 B 85ms
82ms Image
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoGottwaCk6nj5F6x7JRuTz_uUWcWrN2qfe8wh13vwIIYbKqNWa3ePrtQYEk3vSa1lhO4uVRDS5GfPmwd0XLrMf79J_gEOGeYmhTBBCimk--lUR_-ZXqY9j_X9IZ-qZgS-qsXu_mBnqjsiCXxQ01oxLsK5vyRxEAxkkNZYpA_TL71lj-idOy_R1eo12oOVfTY_WwuD25YG7iqaPxkfwChvnpfwQeVFsZqibBq9lnYC5pJ-zC0JuKz49Kd9MH9pl-2LO1YqEWhnuSyjLOLXplCWM89e_4Cwww&sig=Cg0ArKJSzF2do7tbBDgbEAE&adurl=

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Aug 2020 00:58:43 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame BD89 0
0 16ms
13ms Image
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaS_YGiUqYDKxrIuXnMZ63M9P2NtqUYDTG-Dt5BlahNqcruVrsGgjGc-OsHXiTNxvvA28309WKuBmdtWYjqk0n6x95rzmw
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/2+Q/46 200 4422985656148067554
tpc.googlesyndication.com/simgad/ Frame 6DC4 91 KB
91 KB 18ms
15ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4422985656148067554

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35b38352f5082cc78e337213fee6fae8be605e96720891d92a7fc945a80ae8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 07:30:56 GMT
x-content-type-options: nosniff
age: 754067
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93154
x-xss-protection: 0
last-modified: Fri, 29 May 2020 08:14:30 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Aug 2021 07:30:56 GMT

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DC4 0
39 B 84ms
82ms Image
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFTLIaUeWwWQ6123FyL9iLGKUG10ukb9ZWh1-aj_FBIZsI17otl-2uGQ5ycJYoOYTz8a1or7pK970XXejaULyM949qKvTiGKOf0aiOQNo7J53EORN6TdRPASja9Mh8EjPzYunQE_FiDW6aqiBjQFKssesIWk5Xwf4kzlkSAFz342a3sKEKkcKDLJLZxuv8mfD3A-O2y8N5i3BzxNzLAmzBs3HGC71wSEj8a1xLbnUqUi0v8_aaZ5k2-W2F_ZvgX1JtUFUNVXwmaMEYXqY9sRWFRHY0OkJ9bl3H_jmX7IXJ&sig=Cg0ArKJSzLthnVKMhpBtEAE&adurl=

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Aug 2020 00:58:43 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 6DC4 0
0 17ms
15ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaTkcsuI0jPmIDYMHmN_hi5VVdeFOs9fHTc8sHnLIBR08WB9ytsnehkul0xNs37eY8DCoEn4fviSmJiZx_pHbgLH8X67UQ
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/2+Q/46 200 698081795534456702
tpc.googlesyndication.com/simgad/ Frame 813D 43 KB
43 KB 14ms
12ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/698081795534456702

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3831b90fed7a4961de033fb9be5611461c92b8ff7127a49c800b96e0b3f9f07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 07:01:48 GMT
x-content-type-options: nosniff
age: 410215
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43743
x-xss-protection: 0
last-modified: Sun, 05 Jul 2020 13:43:02 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 07:01:48 GMT

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame 813D 0
21 B 85ms
82ms Image
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLiVfIWlPZUYuOg74bJbWxmDDPZNtowMBUHRH70mH7KsTwoXvQRsZVS5E67BzubBRv12fZ-lPhqbrrkrsnI3BXU-UypLY3wfmgWlnU5TQdUxavv27U02fPS7uWHNU5rmFSUird5QBNy8HAjewYSjh02g0-_jtC5Na-bZVPhloU7MCp5eZDdMIaTso4WllUAaIdckoyOUksnEFhuo0op4Tet9YjBcCEHwVcmb2gtMjZVy5Cn3k7hHKp8TbHed7D2qmFH4w6dM4UxdEFAnAmxpWYERv7d4DqpQ&sig=Cg0ArKJSzP3Yx7CVTQpaEAE&adurl=

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Aug 2020 00:58:43 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 813D 0
0 20ms
13ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaRsNb311_MXEgUjfvtik_eGkKx6qRDnRCVZ6iWuPTiLvCikARsuzg-4KJsdVeROPBB1ld37KtOXCEOE6jQiIUSRzZsfTQ
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007302351000/ Frame 11E3 206 KB
56 KB 190ms
183ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ff86e6a3bc683739e7190e4efaff20bbafe0d89c99c42c1b17163ef5203968

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72645
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57393
x-xss-protection: 0
server: sffe
date: Sun, 16 Aug 2020 04:47:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6c9ea7f49fde3b6d"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Aug 2021 04:47:58 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 11E3 96 KB
29 KB 159ms
152ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41f07eced66e12809bec654b0a18677a78a7814525dcb6b99934d0b4bcecfc4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72666
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29738
x-xss-protection: 0
server: sffe
date: Sun, 16 Aug 2020 04:47:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c56a9dc6dcfd844b"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Aug 2021 04:47:37 GMT

GET
DATA 200
OK truncated
/ Frame 11E3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6351eef98afd28e4147aa4e87a197c4dc29dcf7fe364b17e88a38aeb8ea2fcbc

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/2+Q/46 200 1079765698728896456
tpc.googlesyndication.com/simgad/ Frame 11E3 10 KB
10 KB 11ms
6ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1079765698728896456

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58e30add046061837a870a7948d3bf5846887d7044218aab5296bcf610cabf2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 07:01:48 GMT
x-content-type-options: nosniff
age: 410215
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9841
x-xss-protection: 0
last-modified: Fri, 29 May 2020 08:12:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 07:01:48 GMT

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame 11E3 0
21 B 86ms
81ms Image
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuq2WtBSLVNSaU5vucKqQZAfCcnprL4L9fG-0jjTvlmv3hcU--KMsnMRCb7g20UqVpWeWtTy76iGe7N-7pr57H_eovhpgFZe2ucJiJ-_OAf8cFT6L-yU4q0z-2SlYrftY93lRVIiHk2I13mdDQTMEH2LGLMjngUl8WRZ4zqxRX3TCP2PPwg0NSrjHH-6NNGZOzbt5gRmhBQPz5EDaJ91js72T-wKJM_kROEeI1uztR0i76AIj1Q8q8LKAf26kDCffTtiR7wtfr0l6L0VxAOSPpxpmJOmGoLQ&sig=Cg0ArKJSzL7upWMimSirEAE&adurl=

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Aug 2020 00:58:43 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 11E3 0
0 18ms
13ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaRVxg6y3NX7VfdoTI2vR6Q1do2Mx5deb1gs9Jv1pPh41neR3H6qy_sm-832f0mMlRbK1gZvheOKEbyNM02IhT7e2OqYKA
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/2+Q/46 200 4140793793443590375
tpc.googlesyndication.com/simgad/ Frame BD89 45 KB
45 KB 6ms
6ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4140793793443590375

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1824bab1e2782d1b99ade3f9635c5aa4a06fd6aa15c77614cfd57ae19234494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 18:35:47 GMT
x-content-type-options: nosniff
age: 541376
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46204
x-xss-protection: 0
last-modified: Fri, 29 May 2020 08:13:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Aug 2021 18:35:47 GMT

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame BD89 0
21 B 82ms
82ms Image
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMylyVg57RHR40nhKVwhCq0T2CiZ6VBkZK_KSBt9SkUIZWmvF0_wQqyTcP2Fm6d0GOqdrewWNyhAqMykmE1AsDAbrZq-HowWB9VGbnpHcB2m32RzFTit5ieSYzGuIgC7PCSOlAOFsIp-3xiF3vTNYB7GW9BYSaVuw4-uqnU9KlWiP-cNajQWySa2mbFNT30Fexk_huFp6PT2zDvCApOH-dJU4CDf8eZ5mdXI5uKvUiSr2taSLDYJBHjtRzCUOBt4SQYeazxypccoT7Mg&sig=Cg0ArKJSzAaTB8144usREAE&adurl=

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Aug 2020 00:58:43 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/2+Q/46 200 1079765698728896456
tpc.googlesyndication.com/simgad/ Frame 11E3 10 KB
10 KB 6ms
5ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1079765698728896456

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58e30add046061837a870a7948d3bf5846887d7044218aab5296bcf610cabf2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 07:01:48 GMT
x-content-type-options: nosniff
age: 410215
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9841
x-xss-protection: 0
last-modified: Fri, 29 May 2020 08:12:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 07:01:48 GMT

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame 11E3 0
21 B 82ms
82ms Image
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHiTeGNchd9iM9CsLXZVoehd0wBbVbGwTrx25pLu4HTcvcfd63wa7SRweUhM9qQqBPtpuMn97y3eUd5D3VVqg8fvCtzociVaSQEscxm6mu4wHlmQvuFCLb12ZyeVWtAlbFOJF6sYXTKudOQJU-q7YRah7fFZuyMmpGstvtbLAoX64Gmz80ZVj0unfIg3mEpSbqgcceUTddNMZBv6hKFqQtnjw7Xy6q2Iyh3PpV0ZJL8vXPYBDDVODFTGdQ_-PdN6NzVDq5xO5D_Wd69g&sig=Cg0ArKJSzP7GNQoZtmwqEAE&adurl=

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Aug 2020 00:58:43 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/2+Q/46 200 698081795534456702
tpc.googlesyndication.com/simgad/ Frame 813D 43 KB
43 KB 6ms
5ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/698081795534456702

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3831b90fed7a4961de033fb9be5611461c92b8ff7127a49c800b96e0b3f9f07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 07:01:48 GMT
x-content-type-options: nosniff
age: 410215
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43743
x-xss-protection: 0
last-modified: Sun, 05 Jul 2020 13:43:02 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 07:01:48 GMT

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame 813D 0
21 B 81ms
81ms Image
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMEnk8-5l4efI-JIB6_nd1IwhnACPb1vkHOXzqtmJauv1HzKbB3oAPLxs1q1zBcnSdRZwYW1j6ybllA5aabH9cEvYJbPySJcq2l3Kmxth3fQH4neC2W03Dy9ksekAWAvz5HlayGx0y4wNh1GBc2VyijJZQehswgwD0G9BYZxXHsrlZ3tI3j1R5SZki3BSq5lUV_5AMebukddZJsY0euGdnKoigxNF3SrnppSKdEqv5towkG8gtus0OfyYw5mb4nJP4YOK3ZztVyb1Zdg&sig=Cg0ArKJSzNY4k-VxEv3EEAE&adurl=

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Aug 2020 00:58:43 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/2+Q/46 200 4422985656148067554
tpc.googlesyndication.com/simgad/ Frame 6DC4 91 KB
91 KB 6ms
5ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4422985656148067554

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35b38352f5082cc78e337213fee6fae8be605e96720891d92a7fc945a80ae8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 07:30:56 GMT
x-content-type-options: nosniff
age: 754067
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93154
x-xss-protection: 0
last-modified: Fri, 29 May 2020 08:14:30 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Aug 2021 07:30:56 GMT

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DC4 0
21 B 84ms
84ms Image
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtXQp1qgKIgl8jKr75v7_9ZvtxLvs52TXl-UhSbfb0Acb6hBkmmrrM0Fs2d-NwqEyVgGDTrdh3fSGJyJeTjWBQECHQ9cC2KcR6DBhg_aCpJSB4-FRUFcU5J2GpPbwLVK-o57WXXmULMeT_Gcw9pG2twfK7-viu1I-8A3GqzsITNKkDykU54z3m-uCrFMgU7rvxyxpT6ZlRcATitH7uwdCr3YTBgiVa29hFlLemz1CA_WLtBUMRgdpNJ6hnfR-igJ0zr4YOxqlkq1KSG_kN2CpziAkV&sig=Cg0ArKJSzM5TVHcjFr8TEAE&adurl=

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Aug 2020 00:58:43 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BD89 42 B
107 B 40ms
40ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBKb-1xwipuINuFasvH8rt2rqlUmAW3mUpbgxBLMT39W6bXuTtHvfCmzmyDri4OVJ-4JceEvH41d_69AxGWW2TABECesgXud4-11bo26A&sig=Cg0ArKJSzNUp8n4XjAjVEAE&id=ampim&o=436,10&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=99&tls=1099&g=100&h=100&tt=1099&r=v&avms=ampa&adk=2114342894

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:58:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 11E3 42 B
88 B 39ms
39ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9pFrEyMAS2FT13M1OhXLaUlq7SaT2JciddWS-UnOaXT7Gk_dC0Y0M5lam8fjHp90ugp5ng8UkQdQlj6noxL2KwUxFEchaO5eIPlXrLbI&sig=Cg0ArKJSzEXZiu86phO3EAE&id=ampim&o=436,825&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=97&tls=1097&g=100&h=100&tt=1097&r=v&avms=ampa&adk=197962113

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:58:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 813D 42 B
65 B 39ms
39ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjN9JVzN_tJ9jGxaoJzL1mQNXAxtLJW5dSbqXkLodJdcUmWL-t241IoWlWugftd91VaVQ3tBOPXc5pyrQ5W00mTRMj1rff4pHn5suYcb0&sig=Cg0ArKJSzDkuPSt1oHomEAE&id=ampim&o=-31,125&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=91&tls=1092&g=89.66666460037231&h=89.66666460037231&tt=1092&r=v&avms=ampa&adk=1258262368

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:58:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6DC4 42 B
65 B 39ms
38ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxWXFXeWJWIS40faSmigBxiNltHvKtC1eUL_j6F8uADWDnqLDgnpVmvEsF_a_BQ2D5-gc2ULqTJZTUiZR8TJ6xBfeYPTzniTPFsJwm4QY&sig=Cg0ArKJSzIhV_yxq9oQSEAE&id=ampim&o=1295,125&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=93&tls=1093&g=100&h=100&tt=1093&r=v&avms=ampa&adk=350028081

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:58:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 42 B
398 B 48ms
48ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.13.10 /
Resource Hash: 57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:59:07 GMT
Server: nginx/1.13.10
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 42
Expires: 0

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 287A 0
0 433ms
138ms Document
text/plain 67.202.110.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a-jbSKipCr6QqaaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-110.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=a-jbSKipCr6QqaaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

status: 204
x-33x-status: 2000208
server: 33XP005
date: Mon, 17 Aug 2020 00:59:08 GMT

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 96F5 0
0 57ms
56ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 29 Jul 2020 16:40:43 GMT
Content-Encoding: gzip
Content-Length: 9471
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=19829
Expires: Mon, 17 Aug 2020 06:29:37 GMT
Date: Mon, 17 Aug 2020 00:59:08 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 3E5C 0
0 59ms
57ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

status: 204
date: Mon, 17 Aug 2020 00:59:08 GMT
set-cookie: __cfduid=d9eff3a2de88f05dc33d0e5a404860e9f1597625948; expires=Wed, 16-Sep-20 00:59:08 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 049b86709200009c09be2b1200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5c3f7360ec829c09-AMS

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame BD04 0
0 417ms
139ms Document
text/plain 67.202.110.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bhKz3KipCr6QqaaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-110.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=bhKz3KipCr6QqaaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

status: 204
x-33x-status: 2000208
server: 33XP003
date: Mon, 17 Aug 2020 00:59:08 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame FE38 0
0 417ms
139ms Document
text/plain 67.202.110.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a1qoh-ipCr6QqaaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-110.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=a1qoh-ipCr6QqaaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

status: 204
x-33x-status: 2000208
server: 33XP002
date: Mon, 17 Aug 2020 00:59:08 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 6299 0
0 416ms
139ms Document
text/plain 67.202.110.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a5OAvyipCr6QqaaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-110.static.steadfastdns.net
Software: 33XP001 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=a5OAvyipCr6QqaaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

status: 204
x-33x-status: 2000208
server: 33XP001
date: Mon, 17 Aug 2020 00:59:08 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame F474 0
0 168ms
58ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

Last-Modified: Tue, 24 Mar 2020 15:52:19 GMT
ETag: "5e7a2cb3-cefd"
Server: nginx/1.13.10
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17037
Cache-Control: max-age=86402
Expires: Tue, 18 Aug 2020 00:59:10 GMT
Date: Mon, 17 Aug 2020 00:59:08 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame A246 0
0 165ms
59ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://paletton.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

Last-Modified: Tue, 24 Mar 2020 15:52:19 GMT
ETag: "5e7a2cb3-cefd"
Server: nginx/1.13.10
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17037
Cache-Control: max-age=86402
Expires: Tue, 18 Aug 2020 00:59:10 GMT
Date: Mon, 17 Aug 2020 00:59:08 GMT
Connection: keep-alive

GET
H2 204 sync
pixel.advertising.com/ups/56465/ 0
124 B 168ms
54ms Image
text/plain 52.57.10.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.10.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-10-248.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Mon, 17 Aug 2020 00:59:08 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
pixel.advertising.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=G2JlHUoyY0cDMGBCGzZ7Qk81ZEADYDdGS2elaMN4

0
124 B

158ms
55ms

Image
text/plain

52.57.10.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=G2JlHUoyY0cDMGBCGzZ7Qk81ZEADYDdGS2elaMN4

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.10.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-10-248.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Mon, 17 Aug 2020 00:59:08 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:59:08 GMT
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=G2JlHUoyY0cDMGBCGzZ7Qk81ZEADYDdGS2elaMN4
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 64ms
62ms Image
image/gif 52.17.253.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.253.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-253-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:59:08 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2 403 /
c1.adform.net/serving/cookie/match/ 0
188 B 164ms
53ms Image
text/plain 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?CC=1&party=15&gdpr=1&gdpr_consent=&curl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55944%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3d1%26gdpr_consent%3d

Requested by

Host: paletton.com
URL: http://paletton.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:59:08 GMT
server: nginx
status: 403
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
104 B 101ms
71ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Acbb30602-e024-11ea-a472-12a779b12fd4&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: paletton.com
URL: http://paletton.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 17 Aug 2020 00:59:08 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200810&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25e334fc80d384e5c2c38f19a43458b2e37602661595b0723578f073fed53b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Aug 2020 00:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6098
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 17 Aug 2020 00:59:12 GMT

GET
H/2+Q/46 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame B64A 0
0 6ms
6ms Document
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://paletton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paletton.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 17 Aug 2020 00:45:48 GMT
expires: Tue, 17 Aug 2021 00:45:48 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 804
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/2+Q/46 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 40ms
39ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200810&jk=4261934358425384&bg=!0dKl0spYPUCVhVW526gCAAAAcFIAAAAPmQGiTns8bm9Cw7BF-wyR-TH0VTkk0xvcLuDdiBjdYDjHpa1Nfa75qhkLj_juOqpSa_LXIwqqZWKgXwJGSlhCtME04IYMM1B5T-smn8GWHTEL-FvHgGoQdu49TJ9VDshbIT16lh5cawdIXFTqut2VjyR9BYOAcDjqt4TtxKsUu6HUvFchApIguOSxdDnUym_CeafEnZdpMHIicxNvMO0Dt4dzFgrxzU45i4PpWHnJJbp5N89uF-s1xCkgCnFSSdrXCVP32iFkstbWrPauDXCQlKvp5NVJRIawUken8fdCDohoS83TRnq9L3kuPDbnNX7stTkPG61oAQIfBwmtmnMb_49DFMF8AksNNCfVZ4XIXxbk9dDdKiOUMjPJFnokuvB8Rz2IIF3SRZ0OIIoFh-CaqTU_GznkAJAbzPCpLTukCVTqXa7WH6Fiz_MfeQ6_kMH2HBQVBGUYxdHAP27oOuTgYNd4oDcrIXe3VBIXI7RDH_qTdXLx2DY1Vxj0N8e16ZsTa_xHzM41eFJKsmwy4ieDho9Cf3SQi7WyQfcceNEdyfeM0VLv9Q

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:59:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 113 B
498 B 199ms
199ms XHR
text/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&pid=5B6mlOyG5884Q&cb=1&ws=1600x1200&v=7.53.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21794835430%2FPALET_1_970v%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F21794835430%2FPALET_2_120X654_Left%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21794835430%2FPALET_1_300v%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21794835430%2FPALET_2_970v%22%7D%5D&pubid=aae5fce7-148c-42d1-b4a2-3be1a1ffbd25&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: Server /
Resource Hash: be4f4e455452acf116fe5bcbf792a6017dcc176359400d21cb40ff4bb3ec365b

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:59:13 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: DUS51-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 123
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
x-amz-cf-id: AX4RMtIlojew5pSkh8IipfoLRwpX3dpzzOuJh3ulPYqKFhUWhwS4Iw==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 296 B
650 B 136ms
135ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.13.10 /
Resource Hash: fa67e3cbd45a59647c004602de83271a776eb4788179e1b7e93898de2f5a45cf

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:59:13 GMT
Content-Encoding: gzip
Server: nginx/1.13.10
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
351 B 68ms
68ms XHR
text/plain 34.242.228.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?p=%5B%7B%22placement_id%22%3A%2212008366-45b3-4d74-9eed-985d7d8c3a99%22%2C%22callback_id%22%3A%22112f949bc3f9a2a2%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222353779532734866045%22%2C%22bidFloor%22%3A0.01%7D%2C%7B%22placement_id%22%3A%22f8a0bd64-5e33-4e58-85e1-4ae1619879fd%22%2C%22callback_id%22%3A%22113a13f89db88327%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222353779532835529342%22%2C%22bidFloor%22%3A0.01%7D%2C%7B%22placement_id%22%3A%22f7526483-1b04-4a3d-90ef-dd8ab5d145e9%22%2C%22callback_id%22%3A%22114c2031934ea018%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222353779532642591356%22%2C%22bidFloor%22%3A0.01%7D%2C%7B%22placement_id%22%3A%22ddc51020-a7dd-4cea-bb59-d4bc650a2eb6%22%2C%22callback_id%22%3A%2211599480bf4e9556%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222353779533003301504%22%2C%22bidFloor%22%3A0.01%7D%5D&page_url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&bust=1597625953711&pr=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&scrd=1&dnt=false&e=0&description=In%20love%20with%20colors%2C%20since%202002.%20A%20designer%20tool%20for%20creating%20color%20combinations%20that%20work%20together%20well.%20Formerly%20known%20as%20Color%20Scheme%20Designer.%20Use%20the%20color%20wheel%20to%20create%20great%20color%20palettes.&title=Paletton%20-%20The%20Color%20Scheme%20Designer&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=2d4fb90c-0ad3-43de-8890-f097396cbdb4&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s79%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.228.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-228-34.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:59:13 GMT
status: 204
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-request-headers: Cache-Control, Pragma

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/78930/0/ 0
268 B 57ms
56ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/78930/0/mvo?z=1r&hbv=3.26,2.1
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://paletton.com
Pragma: no-cache
Date: Mon, 17 Aug 2020 00:59:13 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 26 B
986 B 163ms
162ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=337263&v=7.2&r=%7B%22id%22%3A%221210b0b9b7598d4e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212247ed3604a505d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337263%22%2C%22sid%22%3A%22728x90%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22123985641a961957%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337263%22%2C%22sid%22%3A%22970x90%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221240e1f4da348abe%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337265%22%2C%22sid%22%3A%22160x600%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22125dcafba95cdfb7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337267%22%2C%22sid%22%3A%22300x250%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221264dc4573ee992c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337264%22%2C%22sid%22%3A%22728x90%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22127bb5dd8546cfab%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337264%22%2C%22sid%22%3A%22970x90%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s79%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0f548df33c3abe0454b08c1ad7ed2bee0f5ce3f4490e558a14f467deef28b693

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:59:13 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 46
Expires: Mon, 17 Aug 2020 00:59:13 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 500 B
1 KB 69ms
69ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a35bfc6b577525c0b480859f904144b8dca92a1b8021839dc3907858e710ddd9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:59:13 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.38:80
AN-X-Request-Uuid: 79100782-3e2f-4cb1-98db-884d8cbc1c4c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 500
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 470 B
1 KB 149ms
80ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f6ca0b7d568a26bbced2c4eb769535ce1b68f22e673b2972ba7bbffce8d5abca

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:59:13 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid: 0242a910-3026-4f32-8526-59d69195d371
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 470
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
190 B 56ms
56ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Aug 2020 00:59:13 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true
cf-ray: 5c3f7382fd919c09-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 049b8685d600009c09be2fb200000001

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 262 B
2 KB 148ms
147ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=209282&zone_id=1029704&size_id=55&alt_size_ids=117&rp_schain=1.0,1!adapex.io,s79,1,,,&rf=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&tk_flint=pbjs_lite_v3.26.0&x_source.tid=cbd2a9f5-4f4a-4771-8183-ab71278c8687&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6264873166860689
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0f6d8bc7f4984a39cc9bf7476ee6ba55dd590af06ba873cd20c6d3a23d068e8e

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:59:13 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 262
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 3 KB
3 KB 105ms
104ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=209282&zone_id=1029708&size_id=9&rp_schain=1.0,1!adapex.io,s79,1,,,&rf=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&tk_flint=pbjs_lite_v3.26.0&x_source.tid=d1579da6-e8e3-4f55-b4b2-b33736e6d736&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4222666215680624
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 81f5d75c637e8bba3730de87f41978b9a246fffda49778e54ce045d1db353af0

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:59:13 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 1452
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 113ms
112ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=209282&zone_id=1113722&size_id=15&rp_schain=1.0,1!adapex.io,s79,1,,,&rf=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&tk_flint=pbjs_lite_v3.26.0&x_source.tid=05c5a45b-a249-4fff-83d0-b358deaec3ea&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.44721425528037395
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 645aad782a1d142033c5ab715ed70adb54e5c8d1b6e8a6df289bc144084eabcd

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:59:13 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 262 B
2 KB 93ms
93ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=209282&zone_id=1029706&size_id=55&alt_size_ids=117&rp_schain=1.0,1!adapex.io,s79,1,,,&rf=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&tk_flint=pbjs_lite_v3.26.0&x_source.tid=f4ba95c5-a155-49b9-8709-ec0a920bb0f9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.039348555597316315
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3c85ecfd6137a03c4e75ac3cbf60944b0fde64c2dfb43fb1d13a4f1ea29400fe

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 17 Aug 2020 00:59:13 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://paletton.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 262
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
110 B 164ms
56ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=tN4Arb9GkMNhhgit8KqovNUg&bidId=149038cc3f285f56&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s79%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 17 Aug 2020 00:59:13 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://paletton.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
110 B 163ms
55ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=mhQWFcHAvF3LzUEVgPqfJEio&bidId=15095ddf1c5d9b61&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s79%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 17 Aug 2020 00:59:13 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://paletton.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
110 B 163ms
56ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=gCdAjVCTGnETBTUUg7Eztsya&bidId=1519982a81fa7a24&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.26.0&strVersion=3.2.1&secure=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s79%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 17 Aug 2020 00:59:13 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://paletton.com
vary: Origin

GET
H2

200

ADTECH;apid=1Ade26006e-e024-11ea-926d-126f1f1ee25e;cfp=1;rndc=1597625953;v=2;cmd=bid;cors=yes;alias=160592fbe42833ed;misc=1597625953724;bidfloor=0.01 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=160592fbe42833ed;misc=1597625953724;bidfloor=0.01;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;cfp=1;rndc=1597625953;v=2;cmd=bid;cors=yes;alias=160592fbe42833ed;misc=1597625953724;bidfloor=0.01
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;apid=1Ade26006e-e024-11ea-926d-126f1f1ee25e;cfp=1;rndc=1597625953;v=2;cmd=bid;cors=yes;alias=160592fbe42833ed;misc=1...

1 KB
2 KB

150ms
150ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;apid=1Ade26006e-e024-11ea-926d-126f1f1ee25e;cfp=1;rndc=1597625953;v=2;cmd=bid;cors=yes;alias=160592fbe42833ed;misc=1597625953724;bidfloor=0.01
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 0692fcdfaa136572f6aa2e1def840b54a201cbf36f3aef8d6a20a86c4b0e21bc

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:59:14 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 1469
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:59:13 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082492/0/0/ADTECH;apid=1Ade26006e-e024-11ea-926d-126f1f1ee25e;cfp=1;rndc=1597625953;v=2;cmd=bid;cors=yes;alias=160592fbe42833ed;misc=1597625953724;bidfloor=0.01
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1Ade274c76-e024-11ea-a01a-12121b825df6;cfp=1;rndc=1597625953;v=2;cmd=bid;cors=yes;alias=161ff554758d0df4;misc=1597625953724;bidfloor=0.01 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=161ff554758d0df4;misc=1597625953724;bidfloor=0.01;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;cfp=1;rndc=1597625953;v=2;cmd=bid;cors=yes;alias=161ff554758d0df4;misc=1597625953724;bidfloor=0.01
https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;apid=1Ade274c76-e024-11ea-a01a-12121b825df6;cfp=1;rndc=1597625953;v=2;cmd=bid;cors=yes;alias=161ff554758d0df4;misc=1...

1 KB
2 KB

133ms
133ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;apid=1Ade274c76-e024-11ea-a01a-12121b825df6;cfp=1;rndc=1597625953;v=2;cmd=bid;cors=yes;alias=161ff554758d0df4;misc=1597625953724;bidfloor=0.01
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 48923624baa92d4f4266e8ba36207e4ed73dae6286623c1e3b23dbace5fa4822

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:59:14 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 1469
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Aug 2020 00:59:13 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10329.1/5082495/0/0/ADTECH;apid=1Ade274c76-e024-11ea-a01a-12121b825df6;cfp=1;rndc=1597625953;v=2;cmd=bid;cors=yes;alias=161ff554758d0df4;misc=1597625953724;bidfloor=0.01
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://paletton.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 67 B
627 B 137ms
136ms XHR
application/json 52.44.109.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.109.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-109-214.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: e8b5c9d6822dc8ccf3824ecfa33237e1bb273c3dc6fc747a0196a1686be119a7

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Aug 2020 00:59:13 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 67 B
632 B 139ms
138ms XHR
application/json 52.44.109.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.109.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-109-214.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 3fc06e55ac9def277251034bf8eaeae0dba7f4462edd458bdeba3d3c7f229961

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Aug 2020 00:59:13 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 67 B
638 B 138ms
138ms XHR
application/json 52.44.109.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.109.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-109-214.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 28c17f58cd120fbce57a3f077ca6c642ec654014d4e29c27a4cc027ab9fbd47c

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Aug 2020 00:59:13 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 67 B
627 B 139ms
139ms XHR
application/json 52.44.109.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.adapex.io
URL: http://cdn.adapex.io/hb/aaw.plt-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.109.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-109-214.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: e28d1a471dd1ad94e530a97915abd1ecca528dbee3f439c29bf32c451b503d6f

Request headers

Referer: http://paletton.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Aug 2020 00:59:13 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://paletton.com
access-control-allow-credentials: true

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4261934358425384&correlator=4191914382592997&output=ldjh&impl=fifs&adsid=NT&eid=21064368%2C21066904%2C21066942%2C44718034%2C21066706&vrg=2020080501&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200817&iu_parts=21794835430%2CPALET_1_970v%2CPALET_2_120X654_Left%2CPALET_1_300v%2CPALET_2_970v&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x90%2C160x600%7C120x600%7C120x240%7C120x654%2C320x50%7C300x250%7C336x280%2C728x90%7C970x90&fluid=0%2C0%2Cheight%2C0&rcs=1%2C1%2C1%2C1&prev_scp=refreshIteration%3D1%26refresh_count%3D1%26amznbid%3D2%26amznp%3D2%26dah%3D4878065881%26lad%3D4878065881%7CrefreshIteration%3D1%26refresh_count%3D1%26amznbid%3D2%26amznp%3D2%26dah%3D4878065881%26lad%3D4878065881%7CrefreshIteration%3D1%26refresh_count%3D1%26amznbid%3D2%26amznp%3D2%26dah%3D4878065881%26lad%3D4878065881%7CrefreshIteration%3D1%26refresh_count%3D1%26amznbid%3D2%26amznp%3D2%26dah%3D4878065881%26lad%3D4878065881&eri=1&cust_params=wrapversion%3D3%26browserLangCode%3DEN-US%26sesDepth%3D1%26referrer%3D_none&cookie_enabled=1&bc=23&abxe=1&lmt=1596098076&dt=1597625954073&dlt=1597625921522&idt=1339&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1295%2C-31%2C325&adys=10%2C125%2C125%2C825&adks=2114342894%2C350028081%2C1258262368%2C197962113&ucis=5%7C6%7C7%7C8&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fpaletton.com%2F%23uid%3D1000u0kllllaFw0g0qFqFg0w0aF&dssz=37&icsg=2254136544274976&std=0&vis=1&scr_x=0&scr_y=0&psz=1600x25%7C160x600%7C300x250%7C950x25&msz=1600x90%7C160x600%7C300x250%7C950x90&ga_vid=173610426.1597625923&ga_sid=1597625923&ga_hid=1391014161&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2007302351000 http://paletton.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2007302351000 http://paletton.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2007302351000 http://paletton.com/
console-api	warning	URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMylyVg57RHR40nhKVwhCq0T2CiZ6VBkZK_KSBt9SkUIZWmvF0_wQqyTcP2Fm6d0GOqdrewWNyhAqMykmE1AsDAbrZq-HowWB9VGbnpHcB2m32RzFTit5ieSYzGuIgC7PCSOlAOFsIp-3xiF3vTNYB7GW9BYSaVuw4-uqnU9KlWiP-cNajQWySa2mbFNT30Fexk_huFp6PT2zDvCApOH-dJU4CDf8eZ5mdXI5uKvUiSr2taSLDYJBHjtRzCUOBt4SQYeazxypccoT7Mg&sig=Cg0ArKJSzAaTB8144usREAE&adurl=
console-api	info	URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2007302351000 http://paletton.com/
console-api	warning	URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHiTeGNchd9iM9CsLXZVoehd0wBbVbGwTrx25pLu4HTcvcfd63wa7SRweUhM9qQqBPtpuMn97y3eUd5D3VVqg8fvCtzociVaSQEscxm6mu4wHlmQvuFCLb12ZyeVWtAlbFOJF6sYXTKudOQJU-q7YRah7fFZuyMmpGstvtbLAoX64Gmz80ZVj0unfIg3mEpSbqgcceUTddNMZBv6hKFqQtnjw7Xy6q2Iyh3PpV0ZJL8vXPYBDDVODFTGdQ_-PdN6NzVDq5xO5D_Wd69g&sig=Cg0ArKJSzP7GNQoZtmwqEAE&adurl=
console-api	warning	URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMEnk8-5l4efI-JIB6_nd1IwhnACPb1vkHOXzqtmJauv1HzKbB3oAPLxs1q1zBcnSdRZwYW1j6ybllA5aabH9cEvYJbPySJcq2l3Kmxth3fQH4neC2W03Dy9ksekAWAvz5HlayGx0y4wNh1GBc2VyijJZQehswgwD0G9BYZxXHsrlZ3tI3j1R5SZki3BSq5lUV_5AMebukddZJsY0euGdnKoigxNF3SrnppSKdEqv5towkG8gtus0OfyYw5mb4nJP4YOK3ZztVyb1Zdg&sig=Cg0ArKJSzNY4k-VxEv3EEAE&adurl=
console-api	warning	URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtXQp1qgKIgl8jKr75v7_9ZvtxLvs52TXl-UhSbfb0Acb6hBkmmrrM0Fs2d-NwqEyVgGDTrdh3fSGJyJeTjWBQECHQ9cC2KcR6DBhg_aCpJSB4-FRUFcU5J2GpPbwLVK-o57WXXmULMeT_Gcw9pG2twfK7-viu1I-8A3GqzsITNKkDykU54z3m-uCrFMgU7rvxyxpT6ZlRcATitH7uwdCr3YTBgiVa29hFlLemz1CA_WLtBUMRgdpNJ6hnfR-igJ0zr4YOxqlkq1KSG_kN2CpziAkV&sig=Cg0ArKJSzM5TVHcjFr8TEAE&adurl=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5d03b48982630f9f1bfcf5487d9befe8.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.yieldmo.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ajaxhttpheaders.appspot.com
aol-match.dotomi.com
api-public-oci-origin.addthis.com
api-public.addthis.com
as-sec.casalemedia.com
backend.upapi.net
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cdn.adapex.io
cdn.ampproject.org
cdn.cookielaw.org
cdn.districtm.io
code.jquery.com
dmx.districtm.io
eus.rubiconproject.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
graph.facebook.com
gum.criteo.com
ib.adnxs.com
m.addthis.com
match.adsrvr.org
mrb.upapi.net
mug.criteo.com
pagead2.googlesyndication.com
paletton.com
pixel.advertising.com
pixel.quantserve.com
prebid.adnxs.com
s7.addthis.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssc.33across.com
stats.g.doubleclick.net
tag.1rx.io
tpc.googlesyndication.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.paypalobjects.com
z.moatads.com
code.jquery.com
s7.addthis.com
securepubads.g.doubleclick.net
104.111.228.123
104.111.230.142
104.16.68.69
129.146.196.240
13.226.146.86
130.211.23.194
172.217.21.230
178.250.0.157
185.33.220.241
2.18.232.130
2.18.234.21
2.18.235.40
213.19.147.210
216.58.210.2
23.210.248.44
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:20::681a:346
2606:4700:20::681a:81b
2606:4700:3036::681c:1be7
2606:4700::6810:9540
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:806::200a
2a00:1450:4001:815::2008
2a00:1450:4001:815::200e
2a00:1450:4001:816::200e
2a00:1450:4001:819::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:81d::2014
2a00:1450:4001:81f::2001
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2002
2a00:1450:400c:c0c::9a
2a02:2638:1::13
2a02:fa8:8806:16::1400
2a03:2880:f02d:e:face:b00c:0:2
34.242.228.34
35.158.189.107
37.157.4.24
37.252.161.190
52.17.253.7
52.44.109.214
52.57.10.248
52.95.124.170
67.20.76.187
67.202.110.24
69.173.144.141
0044309d787293331cf7c18367115d0126a51f6a4107ea8479fcef7c4c091f58
00937aa0673a32309e417179ca32ac012b38e33ee27d37377a8984e98353bdae
0231264c406dd6161cd30ce55291449962a191eefd1069e8ab65a09bfea56d71
03a81e8d1eb1ade2a13d541d80ef1919d56b30e7839773c26f6ab84928ba06be
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0692fcdfaa136572f6aa2e1def840b54a201cbf36f3aef8d6a20a86c4b0e21bc
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08a87c858f232bb558f8aff50b81b5bb85ad50e7a5ffa70dff0ca72a08760221
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0bd0bc4edd5e4b256b9c40ce082680ad16a78ac5faf4d3337d39cf9605518bfe
0f548df33c3abe0454b08c1ad7ed2bee0f5ce3f4490e558a14f467deef28b693
0f6d8bc7f4984a39cc9bf7476ee6ba55dd590af06ba873cd20c6d3a23d068e8e
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
20a2fef6535c671d61a50aae613094bbc16a0e0261d3e9ae33262798be1457da
2157177c0f88c0ed5fd3b39d2ea42b21e73bf6e32b597704cb4d46ecf7e8c828
25e334fc80d384e5c2c38f19a43458b2e37602661595b0723578f073fed53b10
27ff7ba3bedcc63bea7c0da0b709cbbd73fb356696ca294ada4045182be52c8b
28c17f58cd120fbce57a3f077ca6c642ec654014d4e29c27a4cc027ab9fbd47c
2a11c3cacfbded7041489b3c0e3656c809c54ea434ba85f0b5b1c3a814238632
2a7a5100d1b04b40f49ec3661a2ce57d3af5acbd35497cd946e87912a6c9e021
2b165d80858704d9fdc67f2b05fa5ab701c254203c9f9b8bd4f1fd695cf0c47a
3177a76aadf4fe5c7ee7fba5823116009ca3bfd09a18671788aceb2d8ce46395
3451f26a836acb1af177f2cbebba4570190e41943f59fbdc5d360f3d33628286
35b38352f5082cc78e337213fee6fae8be605e96720891d92a7fc945a80ae8de
3831b90fed7a4961de033fb9be5611461c92b8ff7127a49c800b96e0b3f9f07c
39067599e3398209915689830a0ae6562c493905b2ba52e4e4f51e62d7f69f13
39b8196df8565826ec39b8d848e26405d874f03ffe238ccfa8f253594f3393dc
3c85ecfd6137a03c4e75ac3cbf60944b0fde64c2dfb43fb1d13a4f1ea29400fe
3e83640841db25203191361f884ae3396f0ca41611d61c83e7b7f8ecbbff59ba
3fc06e55ac9def277251034bf8eaeae0dba7f4462edd458bdeba3d3c7f229961
48923624baa92d4f4266e8ba36207e4ed73dae6286623c1e3b23dbace5fa4822
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
582266676eeeb9fa8fa159c085cc3e96b9ee2674f2c6b51abfd31118794e823b
58e30add046061837a870a7948d3bf5846887d7044218aab5296bcf610cabf2a
5f527ad94f536aea3fd9f50b3401e7e5a677f4cf4bc7fc40d3cd01d5e73e3d0a
6351eef98afd28e4147aa4e87a197c4dc29dcf7fe364b17e88a38aeb8ea2fcbc
645aad782a1d142033c5ab715ed70adb54e5c8d1b6e8a6df289bc144084eabcd
6679c20efcce098f1228e4cedf3021692f0b284115b040dda592bd0173ff8739
66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb
68ff86e6a3bc683739e7190e4efaff20bbafe0d89c99c42c1b17163ef5203968
6c2e8cc6bb34d90c88a96d20554236a69f0e8f82fd2c3d311eca6e604615a363
73d7ea3d0a15f6d653a23bc31e35d81c6d75cb99cf2cc77ec3eeaa6907066044
7933729e0deac5e5ecfecd8696e52e4fad1af99a23df047644d8bd54ad53daf2
81f5d75c637e8bba3730de87f41978b9a246fffda49778e54ce045d1db353af0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838e8849e28c2ad9a08816be6d9d284f9f585bbb62b75c1f74c3b4954d5a474e
899fd48b4c04a77b990189c421b5c6bade73123ba480a31d0aadcce4a5e8fa43
8cbcb968ea965e08c041941e1d70761e77f555e3b6c2ba707f3cb84067301ef5
8cd8b4160067bbd2cb67c6c7cba5901e4d31f67b17675cb66eecaa0efce1653c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e35a94e34ceef5b27ac32ce4eb7bc9caeb8880368c5763cccc324964ca6244a
920f93ffa03bf6bc02da499e4698fd28b97acf38b63ef57429de6a6cff873ffa
9275fc6aca0d205550d5dac655167f97ab867ac8d9daf3d809168a0cb1367e95
945eb280e0ea53f496c8f44e5d8ff9e6b89caf045846d31dbc9d103188a4c829
9a21963af0fc87d11e1deac7b030915e75fddf4378d2fa2eb55b8d6f6f453b44
9e4e025c7f5a11e3c38a0a628d90e86f5abe8bedd33474cc56eecbbd531d41ad
a1f1815258088d6bc670cc7a918b8674537233fd3e191f99a526f8b932ed63cf
a35bfc6b577525c0b480859f904144b8dca92a1b8021839dc3907858e710ddd9
a7fb846925485c1510f4e2aabb7d00e0e61cac8da30d5026ad73fcfec7a62351
b591532ea43780c27ee2f59079c4ad5f0389197b204c6ce269c8591db9681cdd
b9f9a63dce6e1978e51a4d8ca4d27330228ada97fbfd686a1749f00078898bb4
bd8a930a5868e8b086559bfe13457258962d2d5b05401c934e0a935b2b2f2e09
be4f4e455452acf116fe5bcbf792a6017dcc176359400d21cb40ff4bb3ec365b
bf1e7c6855f974e3ada0142d5d936635e1fcd36489ab33337502a435dfcf4b39
c034c5449892b757578f47372b8ad2abe92493e887ba51bc95c109a7f7c596d8
c138155605cc246182faa0e74f267845732eff694ba80165b50e2a8f8e8cd8a3
c1824bab1e2782d1b99ade3f9635c5aa4a06fd6aa15c77614cfd57ae19234494
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2aed5bf8194c37ebd1a16c093e0a301596aa978e9f43716baaaa519dd539c19
c2b27caef0bf2dfca09290ec03af3d78a112724a6884d34c7b4a7350dc843f3e
c31bd367f92010873c7c3a3bf486017a905c8985c74f3a90073f35e0fda77f58
c32ccacaeb3ee7154cef4c903713481b2b857d2405fa81fdc9c3db63fe8cad0c
c3ec2cd8be237a81965e17c0bbc842514d45b0b491cc22316bf60904e93d82e6
c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96
c5dc61f3b52dd55dd71e5e57efbf5e2d9273654abc821aa419043f054d9e6b66
c9dff1eaf6ad348461c9cf6c69d849ff0ceff7de5d250ba3df07f7a7e601c3c1
ca2d0c4d487935644c340668acaef4b71796c8f0eee76ff10c9018210a591130
cadb948cbbfeee8fce2ae36727c6fabc3fdd55ff4fc10998553a1b8e2e72a963
cdbb7f56bfd584fb0a664ed9a895521e4c1746ee61fae1f6fd642408b36514e1
ce132944e0795471833105b78b52ad891c5b239ce74cda31be232fbdfbbb30e6
ce339d9a4b54d3059f621cfe4e76235aa61312b6e28895a02b409ce2493b7f03
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcca9088357c8e1dd7736e665bb6dbe5ddcfa56dc2f80351566688ee0d7e8bf
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc422a7171f398a453cfe1de84003ee589fe0e7371db41e8c95b954db5b4c20a
dcdcd0277e3c5f2c9c4e7109b03ca071a9778bf73d147cbaac01af65d494fb3c
e28d1a471dd1ad94e530a97915abd1ecca528dbee3f439c29bf32c451b503d6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40983eaca84dd50a52b671ac07b067ac7db19050d974f5fc1ca4a9f6c83b5cd
e41f07eced66e12809bec654b0a18677a78a7814525dcb6b99934d0b4bcecfc4
e8b5c9d6822dc8ccf3824ecfa33237e1bb273c3dc6fc747a0196a1686be119a7
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
ee2af3678bf56d72d7f5aabb08dbe7284d1531b1f8c4578b6e899a65d0dc900c
ee821f0f1edcccad109280a2ae9279957f8373d81b612421c3a263f280de5444
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0450e0d9069c0dc6ca8ae95f039f5e804fd7677abb488539a501c75a2937452
f04ce93c5edb2e0cb2d8419225e4d2e1fc76ac6195f9c6958f8f44811b1eb1f3
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f6ca0b7d568a26bbced2c4eb769535ce1b68f22e673b2972ba7bbffce8d5abca
fa67e3cbd45a59647c004602de83271a776eb4788179e1b7e93898de2f5a45cf
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

paletton.com Open in urlscan Pro 67.20.76.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

166 Requests

73 %HTTPS

49 %IPv6

36 Domains

54 Subdomains

50 IPs

10 Countries

2129 kBTransfer

5421 kBSize

0 Cookies

1 Outgoing links

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paletton.com Open in urlscan Pro
67.20.76.187 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

73 %
HTTPS

49 %
IPv6

36
Domains

54
Subdomains

50
IPs

10
Countries

2129 kB
Transfer

5421 kB
Size

0
Cookies

166 HTTP transactions
4 data transactions